cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3279
Views
5
Helpful
4
Replies
Highlighted
Beginner

Juniper Firewall to cisco asa 5540 VPN drops every 45 mins

Hi All - We have a VPN established between the above devices (I don't have more info on the Juniper as it's a client site) The Juniper initiates the VPN and all is well, tunnel is up all ok but approx every 45 minutes the VPN drops.

Any ideas what this could be and what we can do to narrow down the problem, the tunnel parameters are set to keep it alive for 8 hours but that doesn't help.

Many thanks for your help in advance

Cheers

Mark.  

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Beginner

Juniper Firewall to cisco asa 5540 VPN drops every 45 mins

Mark,

I think you'll find that if you have NTP set to an official source, ie not manually set then the link will stay up.

The issues is something to do with the clocks at each end going out of sync then resetting themselves periodically.

Hope this helps,

Stephen

View solution in original post

4 REPLIES 4
Highlighted
Cisco Employee

Juniper Firewall to cisco asa 5540 VPN drops every 45 mins

Disable the ISAKMP keepalive or any other DPD/keepalive on both the ASA and Juniper firewall.

Keepalive is not compatible between 2 different vendors.

Highlighted
Beginner

Juniper Firewall to cisco asa 5540 VPN drops every 45 mins

Thanks Jeniffer that's useful to know -  it seems Stephen's answer below is the one that's fixed it though.

Many thanks for your help!!

Highlighted
Cisco Employee

Juniper Firewall to cisco asa 5540 VPN drops every 45 mins

Great.. I am learning new thing everyday

Highlighted
Beginner

Juniper Firewall to cisco asa 5540 VPN drops every 45 mins

Mark,

I think you'll find that if you have NTP set to an official source, ie not manually set then the link will stay up.

The issues is something to do with the clocks at each end going out of sync then resetting themselves periodically.

Hope this helps,

Stephen

View solution in original post