cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1652
Views
0
Helpful
8
Replies

VPN Tunnel Reseting

kirkgoins
Level 1
Level 1

I have an ASA 5510 at V8.2(5) with something near 20 site to site VPN tunnels. I am having a problem with 1 tunnel to a RVS4000. The tunnel is completely closed and reset during Phase2. Here is a small snipet at the time of the tunnel reset

x.x.x.x, Username = x.x.x.x, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 7h:36m:30s, Bytes xmt: 333755, Bytes rcv: 86281, Reason: User Requested

Followed by

Group = x.x.x.x, IP = x.x.x.x, Active unit receives a centry expired event for remote peer x.x.x.x.

We use a number of connection oreinted sessions and this blowing them out of the water. all other tunnels are up for DAYS to more than a Month.

How can I prevent this reset from happening?

Thanks

8 Replies 8

ALIAOF_
Level 6
Level 6

What is the time interval?  Or is it random?

Timers for IPSec and IKE are set to 28800 ( 8hrs ). Reset is happening at roughly 7hrs 35min ( give or take a minute or 2)

Have you tried to increase the timers to 24 hours instead?

We tried that last night and still waitning to see the results. While 24hrs is better than reseting 3 times a day, it is not consistant with how other devices are acting. Is this a limitation of the RVS4000

With 24 hours you might not even have to do it at all.  I'm not sure about RVS4000, never used it unfortunately.  Were you able to change it on both sides or just the ASA?

It has been set on both devices...Guess we wait and see. Should know in about 4hrs

I'm curious myself too now as I have not dealt with the RVS4000 post back the results if you can.

Well 23.5 hours and it reset.   I will cause a reset at O'Dark O'Clock ( 3am router time ) when no one is on the VPN so this will be less of a problem until I can sort it out.