ASA: L2L VPN tunnel Drops Every 24 hours

Discussion in 'Cisco' started by ankitm, Apr 26, 2009.

  1. ankitm


    Apr 26, 2009
    Likes Received:
    We have a Cisco ASA running with 20-25 L2L tunnels and all working fine except one get drop every 24 hours which is IKE phase1 rekey timer. This tunnel was also working fine since months and this behaviour started happening since last week. We have played with all kind of timer values and keepalive DPD. Running Debug close to that time found two messages which brings the tunnel down. IKE lost contact with remote peer, deleting connection (keepalive type: DPD) IKE SA MM:d155e71d rcv'd Terminate: state MM_ACTIVE. This happens only at interval of 24 hours otherwise DPD messages are good. This is only happening with one tunnel. Other end is Juniper and do not have control to it. To bring the tunnel back we have to restart the application interface. If anyone has encountered same message please reply to this post. Much appreciated
    ankitm, Apr 26, 2009
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.