Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
775
Views
5
Helpful
5
Replies

Quick Question on isakmp keepalive

jonathanstevens
Level 1
Level 1

‎07-16-2004 03:47 AM

What exactly does the isakmp keepalive do?

What packets are sent? What function does it run?

Labels:
0 Helpful
5 Replies 5

jmia
Level 7
Level 7

‎07-16-2004 05:51 AM

Jonathan,

The crypto isakmp keepalive command is used to send IKE keepalives, which detect the continued connectivity of an IKE security association (SA), between two peer points.

Hope this helps a little,

Jay

0 Helpful

jonathanstevens
Level 1
Level 1
In response to jmia

‎07-16-2004 07:04 AM

I assume they would be UDP packets (port 500)?

To what degree do they check the connection?

Is it a "HELLO" "HELLO I got your HELLO" type thing, or is it more complex?

0 Helpful

jmia
Level 7
Level 7
In response to jonathanstevens

‎07-16-2004 08:17 AM

Jonathan,

You'll find the answers to your questions here (RFC 3706) : http://www.faqs.org/rfcs/rfc3706.html

DPD (Dead Peer Detection) is used to asertain if the remote peer is alive or not, all explained in the RFC - enjoy the read.

Hope this helps.

Jay

rhholmes
Level 1
Level 1
In response to jmia

‎07-16-2004 01:46 PM

I am having a problem with an a tunnel establishing and staying alive. The Cisco TAC rep suggested the problem might be similar to bug CSCdw64626 and that setting the crypto isakmp keepalive to a more aggressive value could solve the problem.

Any idea what an aggressive setting would be?

Thanks,

Rob

0 Helpful

jonathanstevens
Level 1
Level 1
In response to rhholmes

‎07-19-2004 12:02 AM

Jay - Thanks. Exactly what I was looking for.

Rob - Try 10 seconds.

0 Helpful
Customers Also Viewed These Support Documents