cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
333
Views
0
Helpful
0
Replies
Highlighted
Beginner

SA520 VPN keeps dropping

17180.1812147IPsec SA Established


TX (KB)          TX(Packets)

Showing current highest traffic on one of three SA520's. This is one vpn up and runining for 30 minutes.  All have fimware 2.1.71.  All running AES-128, SHA-1, and Group 2 (1024 bit).

Each has three seperate vpns with these settings. Vpns are ging down, but IPSec staus show up. I lose connectivty to a device and I check that the firewall shows the tunnel is up. But if I ping a device that should be accessable it fails. I disable and re-enable the tunnel and then everything works including the ping test. This is happening once a day or more.

Why would the firewall show status up and active but I can't ping? Why does forcing the tunnel restart get everything up and running agin? Am I taxing these units too much? Status show CPU at 13% and memmory at 57% which should be acceptable.

Any advice is much appreciated.

0 REPLIES 0