I have a PIX 501 on a site to site connection. The home office site (VPN3000) was restarted during a power failure. The PIX 501 did not reconnect in a timely fashion. Do I need to change the timeout conn setting or is this an issue where I need to configur dead peer detection? Timeout settings are as follows:
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
1:00:00thanks
I have a PIX 501 on a site to site connection. The home office site (VPN3000) was restarted during a power failure. The PIX 501 did not reconnect in a timely fashion. Do I need to change the timeout conn setting or is this an issue where I need to configur dead peer detection? Timeout settings are as follows:
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
1:00:00thanks
You could fiddle with your isakmp keepalive, but unless you changed it before, I suspect it would not solve your problem. Changing your isakmp identity between address and hostname might improve the situation, though. (The key word there is 'improve'; I've known it to take more than 10 minutes even with everything configured properly.)
You may also wish to investigate Cisco PIX Hardware Troubleshooting:
Brad Reese Cisco Resumes
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.