Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Site-to-site VPN ISA to Cisco 1841

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Site-to-site VPN ISA to Cisco 1841 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Site-to-site VPN ISA to Cisco 1841 - 2.Oct.2008 4:17:40 AM   
mojana

 

Posts: 2
Joined: 29.Apr.2008
Status: offline 		Hi,

I have set up a ipsec tunnel between a ISA2004 SP3 server and a Cisco 1841 router. The Cisco 1841 router is behind an NAT device (Cisco 3800 series). I use NAT traversal (UDP encapsulation). Main mode rekey is set to 24 hours. Quick mode rekey is set to 1 hour. The tunnel works great, but I have one strange problem. The ISA server drops the main mode connection after 23 hours instead of 24 hours. This means that the tunnel main mode rekey moves up an hour everyday (1 hour earlier than expected). Normally this wouldn't be a problem but when the main mode is rekeying, the tunnel is dropped for 1 minute or so. This will kill my backup.

Is this normal behaviour and are these things related? May the NAT traversal be the problem?
Any help would be appreciated!



Setup:

ISA ----- Cisco 3800 (NAT) ---- Cisco 1841
    <\\\\\\\\\\\\\\\tunnel\\\\\\\\\\\>

< Message edited by mojana -- 2.Oct.2008 4:22:51 AM >
Post #: 1

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> VPN >> Site-to-site VPN ISA to Cisco 1841 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts