Dear all.
My problem is I am using an ASA5505 (7.2.4 SW) as an easy VPN client. I want to set the IKE keepalive to 20 seconds with a 2 times retry. I have to set this in the tunnel group IPsec attributes section of the Easy VPN server (also ASA5505 with 7.2.4 SW)
tunnel-group TEST1 type ipsec-ra
tunnel-group TEST1 general-attributes
default-group-policy myGROUP
tunnel-group TEST1 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 20 retry 2
Problem:
when the client connects and I do a "show vpnclient detail" command I see
crypto isakmp nat-traversal 20
tunnel-group 7.7.7.1 type ipsec-ra
tunnel-group 7.7.7.1 ipsec-attributes
pre-shared-key *
isakmp keepalive threshold 90 retry 5
having been learned from the Easy VPN server. Any ideas how I can reduce this on the client as 90 secs with a 5 times retry is way too long.
Regards
John Keane