S2S VPN: why every 5 minutes a new QM SA?

• From: "Stefaan Pouseele" <stefaan.pouseele@xxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Wed, 28 Dec 2005 15:44:04 +0100

Hi, 

I observed that if an S2S VPN connection of type IPSec Tunnel is used
between two ISA 2004 servers or an ISA 2004 server and a Windows 2003 RRAS
server, then the initiator delete every 5 minutes the QM SA (Event ID 542)
and renegotiate a complete new QM SA (Event ID 541), even if there is
traffic all the time (ping -t). This result of course in some ping
time-outs. 

Can anybody explains why this happening and what can be done about it. Note
that the OS used is a fully patched Windows 2003 SP1. 

Thanks, 
Stefaan

Other related posts:

• » S2S VPN: why every 5 minutes a new QM SA?

1. Home
2. isalist
3. Archive
4. 12-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---