Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
590
Views
0
Helpful
1
Replies

EZY VPN fix

The_guroo_2
Level 2
Level 2

‎02-12-2012 06:19 PM

Hi Guys

We have a new remote site for customer which onlyu have 3G connection and to add more pain to that they have dynamic IP address......the easist possible solution was EZY VPN.....client has 2800 router with 3G and at our end we have ASA.....the issue is that , that always server (clients nehind) asa initiate conection to the remote site ie to 3G.....the rule of thuimb is that whenever client(ie EZY VPN) will initiate conection the tunnel will establish

can someone recommend anything....like IP sla what shd we do to keep the tunnel up as application flow is from server to client not from client to server in out case

Thanks in advance

Labels:
0 Helpful
1 Reply 1

rizwanr74
Level 7
Level 7

‎02-13-2012 08:22 AM

Yes, IP SLA will keep the tunnel up.

Here is a sample config

The source-ip is (i.e. 172.16.2.1), which interface should IP-SLA uses to echo the reply from the remote host (i.e 4.2.2.2) in this example.  This is IP (i.e. 4.2.2.2) is only for an illustration, however your case, this (4.2.2.2) can be your remote peer's address. 

The "frequency 10" is how often should ping the remote host.

ip sla 1

icmp-echo 4.2.2.2 source-ip 172.16.2.1

timeout 20000

frequency 10

ip sla schedule 1 life forever start-time now

ip sla enable reaction-alerts

I hope, this has been any help for you.

Thanks

Rizwan Rafeek

0 Helpful
Customers Also Viewed These Support Documents