We have a situation where at two sites we receive reports that the connection is down. However, when we connect to the XG the VPN reports as UP & the LINK is green. The only way to resolve is to disconnect the VPN & re-establish it.
The logs seem to fill with IPSEC Terminated Connection between <IPADDRESS> & <IPADDRESS> Terminated - Log ID 17802
Once re-established, the VPN works fine again for a few days or so.
1 x XG210 Firewall running SFOS 17.1.1 MR-1
2 x CISCO ASA (different sites)
At two sites we receive reports that the connection is down. However, when we connect to the XG the VPN reports as UP & the LINK is green.
The XG is set to Initiate the Connection
The Policy in the XG
IKEv2
0 Key Negotiation Tries
Allow Re-keying is Selected
Phase1
KeyLife 86400
Rekey Margin 360
Randomise Rekeying by 100
DH Group 2 (DH1024)
Encryption AES256
Authentication SHA1
Phase2
PFS Group (none)
Key Life 28800
Encryption AES256
Authentication SHA1
Dead Peer Detection is selected & checks every 30 secs & will wait for up to 120 secs when the Peer is unreachable
Any issues or suggestions on how we could resolve this?
Thanks