Hi everyone. I’ve inherited a FW-1 network to manage and I’ve run into a problem. We’re using CP FW-1 NG at our main site and we have 2 remote sites that connect over DSL via IKE VPN (on the router). When the connection first comes up, everything works fine, mostly. But it seems like the tunnel is timing out if there is no activity. I would assume this would be by design, but it won’t come back up until the router is reset. I’ve seen errors on the router (a Netopia 4541) like this:
IPsec: rx: vpn host rejected
And I’ve seen errors like this on the firewall log:
Encryption failure: Packet is dropped as there is no valid SA.
I’m also checking with Netopia to see if it might be a problem with their hardware. Anyone experience anything like this or have any idea? I have both remote sites using the exact same router with the exact same firmware version and the exact same settings.
Thanks in advance.
Rob Spurlock
Network Engineer
NetStar Communications, Inc
[email protected]