12-13-2012 05:58 AM
Dear Cisco
I am using 5 Cisco 5505 ASA builed site to site VPN.
site B,C,D,E all site to site VPN to site A with only IKEv2 IPSEC configurartion.
Reading from Site A ASDM. Monitoring VPN always can read all four site are connected. But, I found that Site D and E the login time during reset time to time with few hours.
1) I would like to know the login time during reset is normal or not?
2) any setup or configuration can fine tune the site to site VPN. Make VPN tunnel more stable?
3) any menthod can monitor site to site VPN is health or not?
Thank you so much for your help
Alan.
Solved! Go to Solution.
12-13-2012 08:09 AM
A. Typically the time is set to 86400 for expiration. It can also be set by amount of traffic
B. Yes. Try enabling IKE keepalives
C. Just checking the logs is all I know of
Here's a good doc on VPN's
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml
12-13-2012 08:09 AM
A. Typically the time is set to 86400 for expiration. It can also be set by amount of traffic
B. Yes. Try enabling IKE keepalives
C. Just checking the logs is all I know of
Here's a good doc on VPN's
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml
12-13-2012 08:16 AM
Dear Collin
How to enableing IKE keepalives?
By enter following command ?
#sysopt connection preserve-vpn-flows
or
#crypto isakmp policy 50 lifetime 0
Best regards
Alan.
04-07-2014 02:51 AM
test posted unsuccess
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide