FirewallWizards
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[fw-wiz] Cisco VPN reconnection every 23 minutes

from [ditribar] [Permanent Link][Original]
To: firewall-wizards@honor.icsalabs.com
Subject: [fw-wiz] Cisco VPN reconnection every 23 minutes
From: ditribar@gmx.de
Date: Thu, 31 May 2007 19:12:01 +0200
Delivered-to: sp-com-lists@consult.net
Delivered-to: fwwizards-list2@consult.net
Delivered-to: firewall-wizards@honor.icsalabs.com
List-archive: <https://listserv.icsalabs.com/pipermail/firewall-wizards>
List-help: <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=help>
List-id: Firewall Wizards Security Mailing List <firewall-wizards.listserv.icsalabs.com>
List-post: <mailto:firewall-wizards@listserv.icsalabs.com>
List-subscribe: <https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=subscribe>
List-unsubscribe: <https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards>, <mailto:firewall-wizards-request@listserv.icsalabs.com?subject=unsubscribe>
Reply-to: Firewall Wizards Security Mailing List <firewall-wizards@listserv.icsalabs.com>
Sender: firewall-wizards-bounces@listserv.icsalabs.com 
    can anybody help me to solve the following problem?

    A VPN Tunnel is established and working so far, but the connection gets 
reconnected about every 23 minutes.

    Here are some logs whats happening on PEER1 (AAA.BBB.CCC.DDD) (CISCO ASA 
5500):

Peer connect

2007-05-31T17:30:08+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = 
REMOTE_PEER_IP, IKE Initiator: New Phase 1, Intf inside, IKE Peer 
REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address 
REMOTE_LAN_IP,  Crypto map (outside_map)
2007-05-31T17:30:10+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Freeing previously allocated memory for 
authorization-dn-attributes
2007-05-31T17:30:10+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 COMPLETED
2007-05-31T17:30:11+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Responder forcing change of IPSec rekeying 
duration from 28800 to 3600 seconds
2007-05-31T17:30:11+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Security negotiation complete for 
LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0x8d72d873, 
Outbound SPI = 0xee7d09b6
2007-05-31T17:30:11+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 2 COMPLETED (msgid=2a2a6615)

Peer disconnect again

2007-05-31T17:53:46+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713050: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Connection terminated for peer 
REMOTE_PEER_IP.  Reason: Peer Terminate  Remote Proxy N/A, Local Proxy N/A
2007-05-31T17:53:46+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-113019: Group = 
REMOTE_PEER_IP, Username = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Session 
disconnected. Session Type: IPSecLAN2LAN, Duration: 0h:23m:36s, Bytes xmt: 
6572, Bytes rcv: 7772, Reason: User Requested
2007-05-31T17:53:58+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = 
REMOTE_PEER_IP, IKE Initiator: New Phase 1, Intf inside, IKE Peer 
REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address 
REMOTE_LAN_IP,  Crypto map (outside_map)
2007-05-31T17:54:00+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Freeing previously allocated memory for 
authorization-dn-attributes
2007-05-31T17:54:00+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 COMPLETED
2007-05-31T17:54:01+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Responder forcing change of IPSec rekeying 
duration from 28800 to 3600 seconds
2007-05-31T17:54:01+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Security negotiation complete for 
LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0x695fe990, 
Outbound SPI = 0x792e9c57
2007-05-31T17:54:01+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 2 COMPLETED (msgid=b6a126bc)

Manual disconnect

2007-05-31T18:00:32+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-113019: Group = 
REMOTE_PEER_IP, Username = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Session 
disconnected. Session Type: IPSecLAN2LAN, Duration: 0h:06m:31s, Bytes xmt: 0, 
Bytes rcv: 0, Reason: Administrator Reset
2007-05-31T18:00:32+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713050: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Connection terminated for peer 
REMOTE_PEER_IP.  Reason: Administrator Reset  Remote Proxy REMOTE_LAN_IP, Local 
Proxy LOCAL_PROXY_IP
2007-05-31T18:00:39+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = 
REMOTE_PEER_IP, IKE Initiator: New Phase 1, Intf inside, IKE Peer 
REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address 
REMOTE_LAN_IP,  Crypto map (outside_map)
2007-05-31T18:00:40+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Freeing previously allocated memory for 
authorization-dn-attributes
2007-05-31T18:00:40+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 COMPLETED
2007-05-31T18:00:41+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Responder forcing change of IPSec rekeying 
duration from 28800 to 3600 seconds
2007-05-31T18:00:41+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Security negotiation complete for 
LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0x6bccacec, 
Outbound SPI = 0x7a216c5f
2007-05-31T18:00:41+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 2 COMPLETED (msgid=fe0bd283)

Peer disconnect again

2007-05-31T18:24:12+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713050: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Connection terminated for peer 
REMOTE_PEER_IP.  Reason: Peer Terminate  Remote Proxy N/A, Local Proxy N/A
2007-05-31T18:24:12+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-113019: Group = 
REMOTE_PEER_IP, Username = REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Session 
disconnected. Session Type: IPSecLAN2LAN, Duration: 0h:23m:32s, Bytes xmt: 
6104, Bytes rcv: 6616, Reason: User Requested
2007-05-31T18:25:52+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713041: IP = 
REMOTE_PEER_IP, IKE Initiator: New Phase 1, Intf inside, IKE Peer 
REMOTE_PEER_IP  local Proxy Address LOCAL_PROXY_IP, remote Proxy Address 
REMOTE_LAN_IP,  Crypto map (outside_map)
2007-05-31T18:25:54+0100 AAA.BBB.CCC.DDD warning local4 %ASA-4-713903: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Freeing previously allocated memory for 
authorization-dn-attributes
2007-05-31T18:25:54+0100 AAA.BBB.CCC.DDD err local4 %ASA-3-713119: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 1 COMPLETED
2007-05-31T18:25:55+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713073: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Responder forcing change of IPSec rekeying 
duration from 28800 to 3600 seconds
2007-05-31T18:25:55+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713049: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, Security negotiation complete for 
LAN-to-LAN Group (REMOTE_PEER_IP)  Initiator, Inbound SPI = 0xba41c143, 
Outbound SPI = 0xb16e5642
2007-05-31T18:25:55+0100 AAA.BBB.CCC.DDD notice local4 %ASA-5-713120: Group = 
REMOTE_PEER_IP, IP = REMOTE_PEER_IP, PHASE 2 COMPLETED (msgid=c825a866)

..... disconnect occurs about every 23 minutes


    Any ideas?
    
    Kind regards
    
    ditribar
-- 
Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten 
Browser-Versionen downloaden: http://www.gmx.net/de/go/browser
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [fw-wiz] Best way to block incoming connections from open http proxy servers?, Christine Kronberg
Next by Date:  Re: [fw-wiz] Cisco VPN reconnection every 23 minutes, Paul Murphy
Previous by Thread:  [fw-wiz] can iptables block incoming http connections from open proxy servers?, White Hat
Next by Thread:  Re: [fw-wiz] Cisco VPN reconnection every 23 minutes, Paul Murphy
Indexes:  [Date] [Thread] [Top] [All Lists]