Well, It probably would reconnect if I did that, but I don't want to
have to connect and do anything. I would prefer if the connection would
just come back up without any user intervention.
A few of the locations are pretty far out in the sticks and have spotty
connections, so this is something that happens at least once a day.
I have another network set up with static IPs on both ends. I never have
to touch it! It just works.
If there is no hope for having the dynamic IP setup reconnect
automatically, I suppose that I will have to look into static IPs there too.
How about a very short Phase 2 Lifetime (like 10 minutes) ?
That said, what are people using the Phase lifetime settings?
> Clicking the Save button on the IPsec page without changing anything
> on the branch locations doesn't bring it back up?
> I don't know what the solution may be, but personally I wouldn't
> complain too much. I have a big dollar Cisco VPN deployment that
> requires manually clearing the SAD's most of the time when a T1
> hiccups even briefly.
> Posting the system logs from both ends when it happens might be
> helpful for determining why it isn't coming back up. Also checking
> the SAD on both ends under Diagnostics -> IPsec might be helpful.