Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
239
Views
3
Helpful
1
Replies

How to monitor a VPN location

armin.kraus
Level 1
Level 1

‎11-28-2002 01:39 AM - edited ‎02-21-2020 12:12 PM

Hi,

I have to monitor several VPN locations in Cisco Secure.

In all locations there are 5-10 workstations and one print server. The VPN is realized in Network Extension Mode with a Pix501 in the outside locations and VPN Concentrator 3005 in the central side. We monitor the print server because it is allways powered on. But if all workstations are powered off and we got a change of the dynamically allocated IP address on the pix, no new VPN tunnel would be established. So we can´t poll the print server. If one workstation is powered on the VPN tunnel is going up and anything is working fine.

I should have a solution to monitor the print server if all workstations are being powerde off.

Thanks for any suggestions !

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎11-28-2002 07:06 PM

Unfortunately there's not a lot you can do here. Unless there's traffic originating from the remote site, the tunnel will go down after the SA expires. Even sending pings to teh print server won't stop the SA from expiring, and once it expires the traffic has to be initiated from the remote site.

Even extending the lifetime of your SA's won't help, cause you'll eventually get to a point where the SA expires and the PC's are powered off. It may reduce the frequency of your problem, but the problem will still occur every now and then.

Customers Also Viewed These Support Documents