10-11-2012 05:20 AM
Hi All - We have a VPN established between the above devices (I don't have more info on the Juniper as it's a client site) The Juniper initiates the VPN and all is well, tunnel is up all ok but approx every 45 minutes the VPN drops.
Any ideas what this could be and what we can do to narrow down the problem, the tunnel parameters are set to keep it alive for 8 hours but that doesn't help.
Many thanks for your help in advance
Cheers
Mark.
Solved! Go to Solution.
10-11-2012 07:44 AM
Mark,
I think you'll find that if you have NTP set to an official source, ie not manually set then the link will stay up.
The issues is something to do with the clocks at each end going out of sync then resetting themselves periodically.
Hope this helps,
Stephen
10-11-2012 06:40 AM
Disable the ISAKMP keepalive or any other DPD/keepalive on both the ASA and Juniper firewall.
Keepalive is not compatible between 2 different vendors.
10-11-2012 08:03 AM
Thanks Jeniffer that's useful to know - it seems Stephen's answer below is the one that's fixed it though.
Many thanks for your help!!
10-11-2012 08:09 AM
Great.. I am learning new thing everyday
10-11-2012 07:44 AM
Mark,
I think you'll find that if you have NTP set to an official source, ie not manually set then the link will stay up.
The issues is something to do with the clocks at each end going out of sync then resetting themselves periodically.
Hope this helps,
Stephen
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide