Firewall Wizards mailing list archives

RE: VPN Tunnel Stalling

From: "James Grayson" <James.Grayson () energis com>
Date: Thu, 24 Feb 2005 10:55:27 -0000

That is exactly my problem, 3.6.5 concentrator to 6.3 PIX. Once a day
the tunnel stalls, logging it out and in fixes it. I will see about
getting the IOS upgraded.

Thanks!

James.

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Paul
Melson
Sent: 14 February 2005 14:43
To: firewall-wizards () honor icsalabs com
Subject: RE: [fw-wiz] VPN Tunnel Stalling

What version of the VPN 3000 software is running on your concentrator,
and
what type and rev. is the remote endpoint?  

I saw a similar issue in the wild a couple years back with a 3015
running
one of the 3.x releases (afraid I can't be more specific - it was too
long
ago) and a PIX running 6.2 where after about 24 hours (perhaps not
coincidentally the key exchange lifetime), the tunnel would go quiet.
Administratively disconnecting the tunnel at either end and then passing
matching traffic would bring the tunnel back up, as would restarting
either
device.  The resolution was to upgrade the 3015's software.

PaulM

-----Original Message-----
Subject: [fw-wiz] VPN Tunnel Stalling

FW gurus,

I'm having a particular problem with a site-to-site tunnel on a Cisco
VPN
Concentrator 3005 (Running 3.6.5). There are a number of other tunnels
that
work without issue, but one in particular stalls at least once a day and
traffic stops (although the tunnel remains up). Forcing the session to
log
out and letting it come back up results in traffic being able to pass
again.

Any thoughts on a possible cause?

Cheers,

/j

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards



At Energis we want our customers to succeed. That's why we really welcome
your views on how we can improve our performance. If you have any comments,
good or bad, please let us know by following this link to our feedback form:
http://www.energis.com/Internet/pages/contacts/feedback.aspx?section=feedback

********************************************************
This e-mail is sent by Energis Communications Limited and its contents
are confidential and may be legally privileged.
********************************************************
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

VPN Tunnel Stalling James Grayson (Feb 11)
- Re: VPN Tunnel Stalling [s] Robert Davila [c] (Feb 12)
- RE: VPN Tunnel Stalling Paul Melson (Feb 14)
- <Possible follow-ups>
- RE: VPN Tunnel Stalling James Grayson (Feb 24)