Note: Cisco ASA IPSec Tunnel Behaviour


This is my note about the ASA IPsec site-to-site behaviour that I found. The VPN tunnel is down when there is no traffic between the two sites (A to B), even when you have configured it.

The solution is simple: just send some traffic, such as an ICMP ping, to any private address at the other end, for instance 10.10.10.30.

ping 10.10.10.30

When the tunnel is required, it will be activated automatically.

To make sure, you can issue this command to view the tunnel:

show isakmp sa

Simple.
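An added example, not part of the original note: a small Python parser that reads "show isakmp sa" output and tells an idle tunnel (no SA yet, which is the normal state described above) apart from an established or still-negotiating one. The sample outputs and peer address are constructed, and the IKEv1 output layout and the "no SAs" message are assumptions that may differ between ASA versions.

```python
import re

# Constructed sample of IKEv1 "show isakmp sa" output (documentation address).
SAMPLE_UP = """\
   Active SA: 1
    Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1

1   IKE Peer: 203.0.113.10
    Type    : L2L             Role    : initiator
    Rekey   : no              State   : MM_ACTIVE
"""

# Constructed sample for a tunnel that has seen no interesting traffic yet.
SAMPLE_IDLE = "There are no IKEv1 SAs\n"

# Phase 1 states that mean the IKE SA is established (main / aggressive mode).
ESTABLISHED = {"MM_ACTIVE", "AM_ACTIVE"}


def parse_isakmp_sa(text):
    """Return {peer_ip: {field: value}} for each 'IKE Peer' block."""
    peers, current = {}, None
    for line in text.splitlines():
        m = re.search(r"IKE Peer:\s*(\S+)", line)
        if m:
            current = peers.setdefault(m.group(1), {})
            continue
        if current is not None:
            # Each detail line holds two "Key : value" pairs side by side.
            for key, value in re.findall(r"(\w+)\s*:\s*(\S+)", line):
                current[key.lower()] = value
    return peers


def tunnel_status(text, peer):
    """Classify the tunnel to `peer` as 'up', 'negotiating' or 'idle'."""
    sa = parse_isakmp_sa(text).get(peer)
    if sa is None:
        return "idle"          # no SA: tunnel comes up on the next matching traffic
    if sa.get("state") in ESTABLISHED:
        return "up"
    return "negotiating"       # e.g. MM_WAIT_MSG2: phase 1 has not completed


if __name__ == "__main__":
    for name, out in (("after ping", SAMPLE_UP), ("before ping", SAMPLE_IDLE)):
        print(name, "->", tunnel_status(out, "203.0.113.10"))
```

A tunnel that stays in "negotiating" after traffic has been sent points to a phase 1 problem rather than the idle behaviour described in this note.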
