- Posts: 3
- Thank you received: 0
VPN Tunnel Wake Up.
16 years 6 months ago #25766
by caelwind
VPN Tunnel Wake Up. was created by caelwind
I just setup a site to site ipsec VPN tunnel to a client site. After a while of no traffic (overnight) I have to bring the tunnel up again by creating traffic on my side. Is there a way to let the traffic from the client side to bring up the tunnel?
Thanks,
Caelwind
Thanks,
Caelwind
16 years 6 months ago #25767
by Elohim
Replied by Elohim on topic Re: VPN Tunnel Wake Up.
Either side can bring up the tunnel. Set up something to send ping across.
I just setup a site to site ipsec VPN tunnel to a client site. After a while of no traffic (overnight) I have to bring the tunnel up again by creating traffic on my side. Is there a way to let the traffic from the client side to bring up the tunnel?
Thanks,
Caelwind
16 years 6 months ago #25772
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: VPN Tunnel Wake Up.
caelwind,
As Elohim mentioned, either side can bring the tunnel up if both sides are using Static IP Addresses. If the client side is using dynamic IP addressing, then only the central site can bring up the IPSec tunnel.
Cheers,
As Elohim mentioned, either side can bring the tunnel up if both sides are using Static IP Addresses. If the client side is using dynamic IP addressing, then only the central site can bring up the IPSec tunnel.
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
16 years 6 months ago #25773
by skylimit
Hi Chris,
Just out of curiousity, is there a command or a way to bring the tunnel linking the two sites up assuming both ends are using a static IP. i.e. apart from manually pinging the tunnel end IP.
Many thanks
"...you are never too old to learn" anon
Replied by skylimit on topic Re: VPN Tunnel Wake Up.
caelwind,
As Elohim mentioned, either side can bring the tunnel up if both sides are using Static IP Addresses. If the client side is using dynamic IP addressing, then only the central site can bring up the IPSec tunnel.
Cheers,
Hi Chris,
Just out of curiousity, is there a command or a way to bring the tunnel linking the two sites up assuming both ends are using a static IP. i.e. apart from manually pinging the tunnel end IP.
Many thanks
"...you are never too old to learn" anon
16 years 6 months ago #25776
by Chris
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Replied by Chris on topic Re: VPN Tunnel Wake Up.
skylimit,
To the best of my knowledge, I don't think there is. Each IPSec tunnel has a specific lifetime value specified by the crypto map command " set security-association lifetime seconds 86400 " , once this timer is up, the tunnel will go down.
Either case, if you've configured the tunnel correctly, it should come back up immediately after the first packet has gone through, assuming you've got static IP addresses on both ends.
If someone else knows of a command to keep a tunnel up with only one end being a public static IP address , it would be great to hear it!
Cheers,
To the best of my knowledge, I don't think there is. Each IPSec tunnel has a specific lifetime value specified by the crypto map command " set security-association lifetime seconds 86400 " , once this timer is up, the tunnel will go down.
Either case, if you've configured the tunnel correctly, it should come back up immediately after the first packet has gone through, assuming you've got static IP addresses on both ends.
If someone else knows of a command to keep a tunnel up with only one end being a public static IP address , it would be great to hear it!
Cheers,
Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
Time to create page: 0.148 seconds