I have an GX440 that is configured with DMNR. I have full connectivity to the LAN side network of the GX440 from the LAN side network of headquarters. However, this connectivity is lost when there is no traffic for 3 mins.
Once the idle time of three minutes has elapsed, all LAN-2-LAN connectivity is lost. I must ping the WAN side IP address of the GX440. It takes approx. 12 seconds for the ping echo requests start getting replies. After the first reply I then have LAN-2-LAN connectivity restored.
Everyone is blaming everyone else for the problem. Of course there is a timer somewhere counting down a three minute idle and drops a tunnel and or VPN. The question is where?
Currently the set up is as follows:
Cisco 1801 with IPSEC protected GRE tunnel to Verizon’s “Customer Private Network” the WAN side IP address of the GX440 is statically assigned in the RFC1918 space and BGP provides the route to the device.
When I lose connectivity to the LAN side of the GX440, show crypto sessions and show crypto ipsec sa shows the VPN/GRE tunnel is still up and active.
Might anyone here have any insight regarding this issue? Even suggestions on how I might go about troubleshooting the issue would be appreciated since I am basically on my own with everyone blaming everyone else’s product/service.
Thanks