No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

IPsec tunnel not stable between USG6660 and ALU router

Publication Date:  2017-08-01 Views:  54 Downloads:  0
Issue Description

Description :-

As per below diagram , establish IPsec tunnel between  USG6660 and ALU router for secured data transfer use FTP.

IPsec tunnel not stable . it keep wend down

Network Diagram :-

 

Handling Process

Perform the  continues ping operation to check P2P link stability between USG600 and ALU. while ping IPsec tunnel stable .

after stop the continues ping again IPsec tunnel wend down . 

 

 

Root Cause

Continues ping result we found that , there is heartbeat issue . we checked ALU node heartbeat rate by default 30sec

after set dpd retransmission interval time 30sec on USG6660  (dpd retransmit-interval 30)  . IPsec tunnel stable , there is no interrupted.

Solution

DPD (Dead Peer Detection) has to be employed in USG6660 for stable and uninterrupted connectivity.

Type of DPD chosen was "periodic" and the retransmit-interval of DPD packet is 30 seconds which is default for our ALU MPLS node.

ALU node will "reply only" to DPD packets sent by this USG6660.

END