Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
463
Views
0
Helpful
2
Replies

IPsec tunnel ikv2 dropping

pmcferran
Level 1
Level 1

‎11-11-2022 01:41 AM

looking for some help

We have around 60 DrayTek routers runnining site to site vpn and the vpn rekey's every 28800 but never dropped the connection while using ikev1

Since changing to ikev2 when the vpn rekeys at 28800 tunnel breaks conection and restarts which cause some issues with apps that we use

pmcferran_0-1668159025599.png

so in this example vpn will drop in 8 hours if i set to 600 will drop in 10 min then re-establish

ikev1 would stay up forever ?

just to note does the same on cisco router but will dont have to many of them

pmcferran_1-1668159544043.png

Thanks

 

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎11-11-2022 03:01 AM

what is the ASA code running, can you send full information on ASA side for the IKEv2 config.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

MHM Cisco World
VIP
VIP

‎11-13-2022 07:41 AM

IKEv1 generate one key for phaseII 
IKEv2 generate multi (child)key for phaseII 
the mean problem with not re-key in phaseII of IKEv2 is PFS config and DH group mismatch

0 Helpful
Customers Also Viewed These Support Documents