[c-nsp] ASA 5585X IPSEC VPN Stability

Dima Chait dimachait at ymail.com
Sun May 19 01:26:35 EDT 2013


Hi,

We got a ASA5585-X SSP20 with a site to site IPSEC VPN between two of our POPs.
Both firewalls are with identical hardware and software versions (8.4(5)), the VPN is configured with P1: IKEv1 AES/SHA and P2: ESP AES/SHA w/ Tunnel mode.

We had issues when the IPSEC VPN stops passing traffic until we manually clear the phase 1 and phase 2 SAs (doesn't happen in a regular interval - once every few weeks)
We already had multiple TAC cases but they were unable to resolve this.

I was wondering if anyone had good experience with this platform and IPSEC VPN, and if so what was the software version on the box.

Regards,
Dima


More information about the cisco-nsp mailing list