Tunnel comes up. Both have isakmp keepalive running. PIX has two other VPN's to PIX's that work fine.
After a while tunnel drops to Sonicwall (about 5 - 10 mins)
Local and remote can ping each other whilst up.
Debug info:
# debug crypto isakmp
# debug crypto ipsec
#
ISADB: reaper checking SA 0xe4b4dc, conn_id = 0
ISADB: reaper checking SA 0x10240c4, conn_id = 0
ISADB: reaper checking SA 0xe4c37c, conn_id = 0IPSEC(sw_esp_decap): fail antirep
lay check
IPSEC(cipher_ipsec_request): decap failed for BI -> gw01
IPSEC(sw_esp_decap): fail antireplay check
IPSEC(cipher_ipsec_request): decap failed for BI -> gw01
Any idea what could cause this to happen? I assume my ISAKMP and IPSEC is OK since the tunnel is up for a period of time. Connection is flaky where if you ping maybe 2 out of 12 will fail and the above debug appears when that happens.
Could this just be related to slow/conjected link between sites?
Thanks,
Mark
After a while tunnel drops to Sonicwall (about 5 - 10 mins)
Local and remote can ping each other whilst up.
Debug info:
# debug crypto isakmp
# debug crypto ipsec
#
ISADB: reaper checking SA 0xe4b4dc, conn_id = 0
ISADB: reaper checking SA 0x10240c4, conn_id = 0
ISADB: reaper checking SA 0xe4c37c, conn_id = 0IPSEC(sw_esp_decap): fail antirep
lay check
IPSEC(cipher_ipsec_request): decap failed for BI -> gw01
IPSEC(sw_esp_decap): fail antireplay check
IPSEC(cipher_ipsec_request): decap failed for BI -> gw01
Any idea what could cause this to happen? I assume my ISAKMP and IPSEC is OK since the tunnel is up for a period of time. Connection is flaky where if you ping maybe 2 out of 12 will fail and the above debug appears when that happens.
Could this just be related to slow/conjected link between sites?
Thanks,
Mark