Pix VPN always on

[Maverick8673]

I want to have my VPN's inside my pix in an always up state, barring a isp issue, is there a vpn command to keep the vpn's up? I seem to be seeing them go down quite a bit and was under the impression there was a command that could force them up and open.? any help is greatly appriciated.

 

[lgarner]

They should be always-on. The keys are renegotiated periodically, but the links should stay up indefinitely.

 

[southside]

Post your VPN config and it can be checked out.

 

[Maverick8673]

Thanks for the info so far here is my config for the vpn

sysopt connection permit-ipsec
crypto ipsec transform-set strong esp-3des esp-md5-hmac
crypto map vpn 10 ipsec-isakmp
crypto map vpn 10 match address
crypto map vpn 10 set peer x.x.x.x
crypto map vpn 10 set transform-set strong
crypto map vpn 20 ipsec-isakmp
crypto map vpn 20 match address
crypto map vpn 20 set peer x.x.x.x
crypto map vpn 20 set transform-set strong
crypto map vpn interface outside
isakmp enable outside
isakmp key ******** address x.x.x.x netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address x.x.x.x netmask 255.255.255.255 no-xauth no-config-mode
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400

 

[bryan148]

On both sides try issuing the command:
isakmp keepalive 20

That has helped my connections.