Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
669
Views
0
Helpful
0
Replies

SA rekey

sridhar ch
Level 1
Level 1

‎04-09-2012 08:16 AM

Hi,

I have couple of site-site vpn tunnels between cisco asa 5520 and checkpoint utm edge devices. Initially the tunnels were going down very frequently, but after analyzing the conf at both ends i have noticed that lieftime is set incorrectly. so i have changed on the asa to match with checkpoint,after that a new problem was discovered. Tunnel is up for 4-6 hrs after that it goes down. when i execute sh isakmp sa in asa i  can see the below.

IKE Peer: x.x.x.x

    Type    : L2L             Role    : initiator

    Rekey   : yes             State   : MM_ACTIVE_REKEY

IKE Peer: x.x.x.x

    Type    : L2L             Role    : responder

    Rekey   : no              State   : MM_REKEY_DONE_H2

i need to clear the tunnel to bring it up everytime. what should be done to keep the tunnel up?

Thanks,

Sridhar

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents