Intermittent RV042 Tunnel Phase 2 Issue

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by HughJeffner, May 21, 2007.

  1. HughJeffner

    HughJeffner Guest

    I am having an intermittent issue when using a gateway-to-gateway VPN tunnel between RV042s. Randomly I will lose connectivity through one of my tunnels. When I check the status of the endpoints in the web interface they both say 'Connected'. Pressing the disconnect button and renegotiating the tunnel restores connectivity. Also, waiting until the Phase2 SA Lifetime expires and Phase 2 re-negotiates also restores connectivity (hence the title of the post).

    I have one unit at the office which tunnels to several remote units. They are all running the firmware. It seems to happen on some tunnels more than others but they have all exhibited this behavior to some degree. I have used this setup for a few years now but it seems to be getting worse lately.

    There seems to be nothing useful or even unusual about the VPN logs. The settings for the tunnels are as follows:

    Keying Mode: IKE with Preshared Key
    Phase1 DH Group: Group 1
    Phase1 Encryption: AES-128
    Phase1 Authentication: MD5
    Phase1 SA Life Time: 28800 seconds
    Perfect Forward Secrecy: Yes
    Phase2 DH Group: Group 1
    Phase2 Encryption: AES-128
    Phase2 Authentication: MD5
    Phase2 SA Life Time: 3600 seconds
    Aggressive Mode: No
    Compress (Support IP Payload Compression Protocol(IPComp)): No
    Keep-Alive: Yes
    AH Hash Algorithm: No
    NetBIOS broadcast: No
    NAT Traversal: No
    Dead Peer Detection (DPD): Yes 60 seconds

    I have tried with DPD disabled and shorter intervals and they do not prevent the problem.