This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

vpn dropping

Posted on 11-02-2023 07:17 PM
miller806
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I have created a vpn tunnel, and it works, but after some time, the tunnels go down.

Even after I reset the tunnel on the remote side, the tunnels do not come back online.

Any suggestions would be greatly appreciated.  

From the GCP side, settings are very limited.

1 1 389
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
moe54
Staff
Reply posted on --/--/---- --:-- AM

Hello,

Without relevant logs, it is difficult to troubleshoot. However there could be a timing issue renegotiating the Child SA for Phase 2. According to our public documents (which are present at [1] under references), the Phase 2 lifetime should be 3 hours.

On-premises device must be configured according to our documents [1].

  • For VPNs using strongSwan, the option is rekeymargin.

  • For Cisco IOS 11.3+, use the below command:

    set crypto ipsec security-association lifetime <seconds>

  • For JunOS, use the below command:

    set security ike proposal lifetime-seconds <seconds>

 

References:

[1] https://cloud.google.com/network-connectivity/docs/vpn/concepts/supported-ike-ciphers

0 Likes
Top Labels in this Space
Top Solution Authors
View all