Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1037
Views
0
Helpful
0
Replies

IPSec tunnel between ASA and ZyWall disconnects after 45 minutes

Jan Paul
Level 1
Level 1

‎08-26-2014 01:30 AM - edited ‎02-21-2020 07:47 PM

I have an issue with stability of a VPN tunnel. I have created a fully functional site-2-site VPN between a ASA 5510 cluster running (8.3.1) and a Zyxel ZyWall 5 running 4.04 firmware.

The tunnel works fine for 45 minutes. A that time, the ASA starts with IKE rekeying. It seems that the ZyWall does not fully understand what the ASA is trying, and decides to drop the Phase1 and Phase2 tunnels. Then, as interesting traffic is offered from either side, the tunnel starts to build up from scratch. The whole process takes a few minutes. 

This resembles some issues that CheckPoint has when connecting to an ASA firewall as described in this link. 

I'm a bit lost on how to solve this issue (besides replacing the ZyWall with an ASA). Any help would be appreciated.

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents