Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
1706
Views
0
Helpful
2
Replies
Highlighted
pidomudes
Beginner
Beginner
‎05-20-2014 10:45 AM
‎05-20-2014 10:45 AM

force IPSec tunnel to stay up even if no traffic

Hello,

We are running exactly through the same problem as already described here;

https://supportforums.cisco.com/discussion/11666661/can-we-automatically-renegotiate-phase-2-sa-so-vpn-tunnel-stays-even-if-no

We are actually running ASA 9.1 and the remote peer is a Fortigate. Is there new fonction that has been introduce since the forum post above or does creating a sla is the only way to keep up IPsec tunnel.

Regards

Labels:
0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Marvin Rhoads
Hall of Fame Guru Hall of Fame Guru
Hall of Fame Guru
‎05-20-2014 12:28 PM
‎05-20-2014 12:28 PM

Nothing new has been built into the ASA to accommodate this requirement.

I've also had good results a script running on an internal host to send a "tcp ping" to a remote host, thus making sure interesting traffic was present frequently enough to keep the tunnel up.

View solution in original post

0 Helpful
2 REPLIES 2
Highlighted
Marvin Rhoads
Hall of Fame Guru Hall of Fame Guru
Hall of Fame Guru
‎05-20-2014 12:28 PM
‎05-20-2014 12:28 PM

Nothing new has been built into the ASA to accommodate this requirement.

I've also had good results a script running on an internal host to send a "tcp ping" to a remote host, thus making sure interesting traffic was present frequently enough to keep the tunnel up.

View solution in original post

0 Helpful
Highlighted
pidomudes
Beginner
Beginner
In response to Marvin Rhoads
‎05-21-2014 06:40 AM
‎05-21-2014 06:40 AM

Thanks for your help

0 Helpful
Latest Contents
securing n5548af with copp
Created by blackmetal on 09-27-2020 12:08 AM
0
0
0
0
Hello,i have a N5k-k5548up-af and i have a acl for trusted network which is attached to line vty and to my uplinks interface, and i have around 250 interface vlan and my interface vlans can reach bgp port or snmp port, is there nayway that tune copp to pe... view more
From Zero to CCIE Security: Tips to Prepare for the CCNP & C...
Created by ciscomoderator on 09-25-2020 05:58 PM
0
5
0
5
This event had place on Tuesday 22nd, Septemberat 10hrs PDT  Introduction Featured Author Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active role help... view more
What's New for Cisco Defense Orchestrator (CDO)
Created by Andrew Mallio on 09-25-2020 06:00 AM
1
30
1
30
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.  We make improvement... view more
Getting started with ISE
Created by dgaikwad on 09-24-2020 10:54 PM
2
0
2
0
There has been a lot of grey area when one needs to get started with ISE or when one does not have any specific background.Could you please guide me to what are the thing that one needs to know inside out and what are the things which require only a minim... view more
FMC - Error while trying to insert object via Python
Created by isaac_ferreira on 09-24-2020 08:12 PM
0
0
0
0
Hello Guys, I'm trying to create a simple script to create new objects on FMC via API, but I'm facing issues(Python 3.8). Script(that pretty simple, I'm not programmer, but I'm trying): import base64import sysimport requestsimport reimport ... view more
Content for Community-Ad
Cisco Community August2020 Spotlight Award Winners

Follow our Social Media Channels