Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
476
Views
0
Helpful
3
Replies

Pix to Pix VPN deleting SA's

soneill21015
Level 1
Level 1

‎05-21-2004 11:40 AM - edited ‎02-21-2020 01:10 PM

I have a PIX 525 on each end of a T3 connection. Every few days, I can see in the syslog (and experience it when it occurs during workday) the following:

%PIX-6-602302: deleting SA, (sa) sa_dest= x.x.x.x, sa_prot= 50, sa_spi= 0xb9f82428(3120047144), sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 19

Sometimes I can still ping addresses at the other end of the VPN but applications will not function.

Usually the SA gets reestablished in a few minutes, but occasionally it is longer. I appreciate any help

Here are the configs:

Labels:
Preview file
22 KB
0 Helpful
3 Replies 3

patrick.cannon
Level 1
Level 1

‎05-23-2004 12:04 PM

Is the vpn tunnel being renegotiated when this occurs?

How do you fix it when it happens?

Is your link getting oversubscribed?

0 Helpful

soneill21015
Level 1
Level 1
In response to patrick.cannon

‎05-23-2004 05:46 PM

These mesage appear on only 1 of the PIX's. The other never seems to drop the VPN, so I don't know if renegotiation is occuring.

It happens several times a day and corrects itself, usually within 5-15 minutes.

Link is not oversubscribed. It is a full T3 which at this point is not even in production as the site is new.

0 Helpful

patrick.cannon
Level 1
Level 1

‎05-23-2004 12:06 PM

Is the vpn tunnel being renegotiated when this occurs?

How do you fix it when it happens?

Is your link getting oversubscribed?

0 Helpful
Customers Also Viewed These Support Documents