I have several Cisco 881 deployed in the field for VPN connectivity back to my main office. When the ASA at the main office gets rebooted during routine maintenance, the Cisco 881 always have to be rebooted before they will re-establish a VPN connection. Is there anything I can put in the config, that would allow the Cisco 881's to auto reconnect after the ASA has been rebooted? Below is a copy of one of the configs. Thanks in advance.
hostname TESTvpn
no logging buffered
enable secret 5 *********************
no aaa new-model
clock timezone EASTERN -5
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec client ezvpn VPN3000
connect auto
group CommunitySplitTunnel key ******
mode network-extension
peer Test.com default
username TESTuser password ********
xauth userid mode local
no ip dhcp use vrf connected
ip dhcp excluded-address 172.30.40.1
ip dhcp excluded-address 172.30.40.2
ip dhcp excluded-address 172.30.40.31 172.30.40.255
ip dhcp excluded-address 172.31.40.1 172.31.40.120
ip dhcp pool DHCP-Voice
import all
network 172.30.40.0 255.255.255.0
default-router 172.30.40.1
dns-server 10.10.10.45
option 150 ip 192.168.64.14 192.168.64.15
ip dhcp pool DHCP-Data
import all
network 172.31.40.0 255.255.255.0
default-router 172.31.40.1
dns-server 10.10.10.45
ip domain lookup
ip name-server 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220
ip domain name sun.ins
username admin privilege 15 password **************
archive
log config
hidekeys
ip tftp source-interface Vlan10
interface FastEthernet0
switchport access vlan 10
switchport mode access
switchport voice vlan 1
no shut
interface FastEthernet1
switchport access vlan 10
switchport mode access
switchport voice vlan 1
no shut
interface FastEthernet2
switchport access vlan 10
switchport mode access
switchport voice vlan 1
no shut
interface FastEthernet3
switchport access vlan 10
switchport mode access
switchport voice vlan 1
no shut
interface FastEthernet4
description Connection-to-Internet$ES_WAN$
ip address dhcp client-id FastEthernet4
ip access-group 124 out
ip virtual-reassembly
load-interval 30
duplex auto
speed auto
crypto ipsec client ezvpn VPN3000
service-policy output Parent
no shut
interface Vlan1
description Voice-VLAN
ip address 172.30.40.1 255.255.255.0
ip access-group 123 in
no autostate
crypto ipsec client ezvpn VPN3000 inside
interface Vlan10
description Data-VLAN
ip address 172.31.40.1 255.255.255.0
ip virtual-reassembly
ip tcp adjust-mss 1452
no autostate
crypto ipsec client ezvpn VPN3000 inside
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
access-list 100 permit ip 172.30.40.0 0.0.0.255 any
access-list 100 permit ip 172.31.40.0 0.0.0.255 any
access-list 123 permit ip any any dscp ef
access-list 123 permit ip any any
access-list 124 permit ip any any dscp ef
access-list 124 permit esp any any
access-list 124 permit ip any any
snmp-server community sunrw RW
snmp-server community sun RO
line con 0
password 7 1330000B282D107B
logging synchronous
login local
no modem enable
line aux 0
line vty 0 4
password 7 0233134228271B70
logging synchronous
login local
length 0
transport input all
scheduler max-task-time 5000
webvpn cef
end