From: MMoniz (ccie2002@tampabay.rr.com)
Date: Thu Apr 29 2004 - 21:45:08 GMT-3
Are these between routers or PIX's? I assume routers by using GRE!
If it is on routers I believe you can set a keepalive for the tun int's,
thus keeping it active
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
ccielab@cox.net
Sent: Thursday, April 29, 2004 8:36 PM
To: ccielab@groupstudy.com
Subject: OT: GRE Ipsec Tunnel Keepalive
Sorry for the off topic, but I need some opinions.
I have multiple gre tunnels between sites and I use ipsec to encrypt traffic
over them. When I need something encrypted, I point a static route to the
tunnel interfaces.
Works great, however, the ipsec sa expires after 24 hour, and there is s
slight delay upon re-establishment of the ipsec ike sa. I need the ipsec sa
to be permenantly established.
Should I run a routing protocol between the tunnel interfaces? Any other
ideas will be appreciate.
Thanks,
This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:58 GMT-3