dynamic vpn keep alive
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||
|
Posted by sali on June 14, 2009, 5:45 pm
Please log in for more thread options
i have cisco 1841 [headq] on static address and cisco 876 [branch office] on dynamic adsl address it is configured an ipsec vpn tunnel between them so both locations are part of corporate network [wan] when the tunnel is up, i may reach headq from branch, and branch from headq as well, this is ok problem: but, when 876 adsl address changes [regularly], obviously tunnel is going down, and i need incoming call [f.e. ping] from branch office to static headq [well known ip] to re-establish the tunnel. it is then ok for next period current solution: at branch office, i have one dedicated workstation allways powered-on that serves as ping generator, to keep tunnel to headq on. i was not trying any solution based on dyndns or similar. question: is it possible to configure cisco 876 router to periodicaly issue ping [or something similar] on frequent basis [few minutes] to force tunnel re-establish after adsl address change any suggestions? thnx! | ||||||||||
|
Posted by bod43 on June 14, 2009, 6:35 pm
Please log in for more thread options track 1 rtr 101 reachability delay down 20 up 20 ip sla 101 icmp-echo 10.0.0.1 timeout 1000 ip sla schedule 101 life forever start-time now Or NTP can be used. In both cases you are likely to require to set the source address for the traffic since you have a vpn. | ||||||||||
|
Posted by sali on July 20, 2009, 4:12 pm
Please log in for more thread options grupi:6d9aeb0f-ba4b-40e6-85c4-0435f8946dec@c18g2000prh.googlegroups.com...
>> is it possible to configure cisco 876 router to periodicaly issue ping
>> [or >> something similar] on frequent basis [few minutes] to force tunnel >> re-establish after adsl address change >
> track 1 rtr 101 reachability > delay down 20 up 20 > ip sla 101 > icmp-echo 10.0.0.1 > timeout 1000 > ip sla schedule 101 life forever start-time now just to say that my netw admin has done something upon your suggestion, and since that, vpn-over-adsl is working well for few weeks. thnx again! | ||||||||||
|
Posted by bod43 on July 21, 2009, 12:51 am
Please log in for more thread options > grupi:6d9aeb0f-ba4b-40e6-85c4-0435f8946...@c18g2000prh.googlegroups.com...
> > >> is it possible to configure cisco 876 router to periodicaly issue ping
> >> [or > >> something similar] on frequent basis [few minutes] to force tunnel > >> re-establish after adsl address change >
> > track 1 rtr 101 reachability
> > delay down 20 up 20 > > ip sla 101 > > icmp-echo 10.0.0.1 > > timeout 1000 > > ip sla schedule 101 life forever start-time now >
> just to say that my netw admin has done something upon your suggestion, and > since that, vpn-over-adsl is working well for few weeks. > > thnx again! That's good, always nice to hear that I am not completely clueless. Saying that, I have just faked up NTP in the past:-) The SLA stuff is not that easy to follow. Good luck. | ||||||||||
|
Posted by sali on July 22, 2009, 3:04 am
Please log in for more thread options
grupi:edfdeb0f-7a67-4f21-ab3a-59211935edbf@w41g2000yqb.googlegroups.com... >> grupi:6d9aeb0f-ba4b-40e6-85c4-0435f8946...@c18g2000prh.googlegroups.com...
>> >> just to say that my netw admin has done something upon your suggestion, >> and >> since that, vpn-over-adsl is working well for few weeks. >
> That's good, always nice to hear that I am > not completely clueless. this cisco-876 is a funny device, i have few of them, and having other problems with them too there is a branch office with few employees, cisco-876 adsl [but in this case, there is static ip, if it counts], and one of computers is not able to send mail. cisco passes just the first few hundreds of bytes over port 25 [smtp] and then stops, so, from that very computer, it is possible to send only very short mails. after reseting the cisco 876-router, it sends mail correctly for next few days. and again, this happens only on *one* of computers, all other whole time sends mails [no matter how long they are] without any problem. i have noticed this problem in two branch offices, with two different cisco-876 i have checked this problem not just with mail client [you really don't know what does mail client is doing], but also with telnet, over port 25. and after few lines sent, the traffic realy blocks my assumptions were that cisco-876 builds some internal tables based on computer's nic mac, and somehow, maybe because of some traffic overload, this respective nic mac appears stucked, and its traffic over port 25 blocked have you maybe any clue what can be done to resolve [or further investigate] this problem? thnx! | ||||||||||
| Similar Threads | Posted |
| dynamic vpn keep alive | June 14, 2009, 5:45 pm |
| DSL Line dropping, need cable pull for ATM interface to come alive | December 30, 2005, 10:36 am |
| VPN between peers with dynamic IP address and dynamic DNS | February 4, 2008, 12:28 pm |
| Dynamic Outside NAT | November 30, 2005, 4:43 pm |
| dynamic? | March 3, 2006, 2:07 am |
| NAT to dynamic IP? | August 1, 2008, 2:03 am |
| Dynamic Outside Translation | October 17, 2005, 4:29 pm |
| Dynamic bandwidth | December 14, 2005, 2:49 pm |
| Dynamic DNS woes | January 7, 2006, 1:11 pm |
| PIX dynamic VPN question | June 19, 2006, 10:40 am |
| Static & Dynamic NAT | July 4, 2006, 11:31 am |
| dynamic ban-list | July 7, 2006, 5:14 am |
| Re: Dynamic NAT Failure | September 1, 2006, 9:53 am |
| Dynamic NAT Failure | August 28, 2006, 11:54 am |
| Dynamic to Static PIX to PIX VPN | September 19, 2006, 10:34 am |
|
Home Cabling GuideFinally, an instantly downloadable book that saves you thousands in home improvement dollars! Enjoy living in 21st century technology-advanced home while increasing its selling value and competitive advantage on the real estate market. Whether your cabling is for home office or high-tech leisure, you can wire your home yourself or learn "wirish" to speak with your cabling contractors in their language! Learn More |
> i have cisco 1841 [headq] on static address and cisco 876 [branch office] on
> dynamic adsl address
> it is configured an ipsec vpn tunnel between them so both locations are part
> of corporate network [wan]
> when the tunnel is up, i may reach headq from branch, and branch from headq
> as well, this is ok
>
> problem:
> but, when 876 adsl address changes [regularly], obviously tunnel is going
> down, and i need incoming call [f.e. ping] from branch office to static
> headq [well known ip] to re-establish the tunnel. it is then ok for next
> period
>
> current solution:
> at branch office, i have one dedicated workstation allways powered-on that
> serves as ping generator, to keep tunnel to headq on. i was not trying any
> solution based on dyndns or similar.
>
> question:
> is it possible to configure cisco 876 router to periodicaly issue ping [or
> something similar] on frequent basis [few minutes] to force tunnel
> re-establish after adsl address change
>
> any suggestions?
>
> thnx!