Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Cisco VPN reconnection every 23 minutes

From: ditribar () gmx de
Date: Thu, 31 May 2007 19:12:01 +0200
    can anybody help me to solve the following problem?

    A VPN Tunnel is established and working so far, but the connection gets reconnected about every 23 minutes.

    Here are some logs whats happening on PEER1 (AAA.BBB.CCC.DDD) (CISCO ASA 5500):

Peer connect

2007-05-31T17:30:08+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = REMOTE_PEER_IP, IKE Initiator: New Phase 1, 
Intf inside, IKE Peer REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address REMOTE_LAN_IP,  Crypto 
map (outside_map)
2007-05-31T17:30:10+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Freeing previously allocated memory for authorization-dn-attributes
2007-05-31T17:30:10+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 
COMPLETED
2007-05-31T17:30:11+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Responder forcing change of IPSec rekeying duration from 28800 to 3600 seconds
2007-05-31T17:30:11+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Security negotiation complete for LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0x8d72d873, Outbound SPI 
= 0xee7d09b6
2007-05-31T17:30:11+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
PHASE 2 COMPLETED (msgid=2a2a6615)

Peer disconnect again

2007-05-31T17:53:46+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713050: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Connection terminated for peer REMOTE_PEER_IP.  Reason: Peer Terminate  Remote Proxy N/A, Local Proxy N/A
2007-05-31T17:53:46+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-113019: Group = REMOTE_PEER_IP, Username = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Session disconnected. Session Type: IPSecLAN2LAN, Duration: 0h:23m:36s, Bytes xmt: 
6572, Bytes rcv: 7772, Reason: User Requested
2007-05-31T17:53:58+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = REMOTE_PEER_IP, IKE Initiator: New Phase 1, 
Intf inside, IKE Peer REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address REMOTE_LAN_IP,  Crypto 
map (outside_map)
2007-05-31T17:54:00+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Freeing previously allocated memory for authorization-dn-attributes
2007-05-31T17:54:00+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 
COMPLETED
2007-05-31T17:54:01+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Responder forcing change of IPSec rekeying duration from 28800 to 3600 seconds
2007-05-31T17:54:01+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Security negotiation complete for LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0x695fe990, Outbound SPI 
= 0x792e9c57
2007-05-31T17:54:01+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
PHASE 2 COMPLETED (msgid=b6a126bc)

Manual disconnect

2007-05-31T18:00:32+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-113019: Group = REMOTE_PEER_IP, Username = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Session disconnected. Session Type: IPSecLAN2LAN, Duration: 0h:06m:31s, Bytes xmt: 
0, Bytes rcv: 0, Reason: Administrator Reset
2007-05-31T18:00:32+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713050: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Connection terminated for peer REMOTE_PEER_IP.  Reason: Administrator Reset  Remote Proxy REMOTE_LAN_IP, Local Proxy 
LOCAL_PROXY_IP
2007-05-31T18:00:39+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = REMOTE_PEER_IP, IKE Initiator: New Phase 1, 
Intf inside, IKE Peer REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address REMOTE_LAN_IP,  Crypto 
map (outside_map)
2007-05-31T18:00:40+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Freeing previously allocated memory for authorization-dn-attributes
2007-05-31T18:00:40+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 
COMPLETED
2007-05-31T18:00:41+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Responder forcing change of IPSec rekeying duration from 28800 to 3600 seconds
2007-05-31T18:00:41+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Security negotiation complete for LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0x6bccacec, Outbound SPI 
= 0x7a216c5f
2007-05-31T18:00:41+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
PHASE 2 COMPLETED (msgid=fe0bd283)

Peer disconnect again

2007-05-31T18:24:12+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713050: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Connection terminated for peer REMOTE_PEER_IP.  Reason: Peer Terminate  Remote Proxy N/A, Local Proxy N/A
2007-05-31T18:24:12+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-113019: Group = REMOTE_PEER_IP, Username = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Session disconnected. Session Type: IPSecLAN2LAN, Duration: 0h:23m:32s, Bytes xmt: 
6104, Bytes rcv: 6616, Reason: User Requested
2007-05-31T18:25:52+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = REMOTE_PEER_IP, IKE Initiator: New Phase 1, 
Intf inside, IKE Peer REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address REMOTE_LAN_IP,  Crypto 
map (outside_map)
2007-05-31T18:25:54+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Freeing previously allocated memory for authorization-dn-attributes
2007-05-31T18:25:54+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 
COMPLETED
2007-05-31T18:25:55+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Responder forcing change of IPSec rekeying duration from 28800 to 3600 seconds
2007-05-31T18:25:55+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
Security negotiation complete for LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0xba41c143, Outbound SPI 
= 0xb16e5642
2007-05-31T18:25:55+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, 
PHASE 2 COMPLETED (msgid=c825a866)

..... disconnect occurs about every 23 minutes


    Any ideas?
    
    Kind regards
    
    ditribar
-- 
Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten 
Browser-Versionen downloaden: http://www.gmx.net/de/go/browser
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: