Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
johnnyringo
Advisor

IPSec VPN Tunnel stops passing traffic after exactly 1 hour

I've successfully built a route-based tunnel between a Cisco ISRG2 and CheckPoint R80.30 gateway in GCP.  Both sides are using IKEv1 with the default lifetimes of 1 day for Phase 1 and 1 hour for Phase 2.

Unfortunately, the tunnel stops passing traffic after it's been up for an hour.  Here's the relevant IPSec configuration on the Cisco (the default lifetime is 3600 seconds, so it doesn't show up in the configuration):

crypto ipsec transform-set ESP_AES128_SHA esp-aes esp-sha-hmac
  mode tunnel

crypto ipsec profile CHECKPOINT_IKEV1
  set security-association lifetime kilobytes disable
  set transform-set ESP_AES128_SHA

 

0 Kudos
6 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events