VPN data flow stopped until Cisco Peer reinitiates traffic flow

brianmeaney · ‎06-10-2011

Hi Folks,

having a strange issue with my newly setup Lan-to-Lan connection.

Initially traffic flows freely between both ends, but after some time, the far end (a Sonicwall NSA) can no longer contact the Cisco end.

But when I hop on to the cisco and initiate a ping back to the Sonicwall end, traffic flows once again without issue.

The Cisco can always flow traffic to the far end, but the Sonicwall cannot.

Anybody have any ideas or suggestions?

Thanks,

Brian

mohankumarm · ‎06-10-2011

what is the isakmp/ipsec life time set to on the devices?

brianmeaney · ‎06-10-2011

Hi Mohan,

here is my crypto map:-

Current peer: x.x.x.x

Security association lifetime: 4608000 kilobytes/3600 seconds

PFS (Y/N): N

Transform sets={

BSBTransform,

}

Interfaces using crypto map BSB:

FastEthernet0/0

Global IKE policy

Protection suite of priority 1

encryption algorithm: DES - Data Encryption Standard (56 bit keys).

hash algorithm: Secure Hash Standard

authentication method: Pre-Shared Key

Diffie-Hellman group: #1 (768 bit)

lifetime: 28800 seconds, no volume limit

Default protection suite

encryption algorithm: DES - Data Encryption Standard (56 bit keys).

hash algorithm: Secure Hash Standard

authentication method: Rivest-Shamir-Adleman Signature

Diffie-Hellman group: #1 (768 bit)

lifetime: 86400 seconds, no volume limit