Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
477
Views
0
Helpful
2
Replies

EZVPN remotes not coming up imediately after firwall reload

relsethagen
Level 1
Level 1

‎04-07-2012 10:04 PM

I have about 30 remote EZVPN 1811 routers that never come up after a firewall reload for about an hour. I have watched the EZVPN remotes and they believe they still have an IPSEC SA and they never attempt to reconnect until their IKE SA times out. Is there any way I can change this behavior so that the remotes will more rapidly recognize that their SA is invalid and negotiate a new one?

Labels:
0 Helpful
2 Replies 2

relsethagen
Level 1
Level 1

‎04-07-2012 10:06 PM

I should have said that EZVPN server is a 5520 ASA running 8.2

0 Helpful

rohaverm
Level 1
Level 1

‎04-07-2012 11:49 PM

You can try "crypto isakmp keepalive 10 periodic" on router.

IOS code on 1811 Router?

RV

0 Helpful
Customers Also Viewed These Support Documents