Avatar of Dan560
Dan560Flag for United Kingdom of Great Britain and Northern Ireland

asked on 

How to keep a vpn connection permanently active

Hi all,

I tired setting up a site to site VPN connection between two cisco 837 Routers, it works fine apart from I have to ping the connection first to make it active, well it doesn't always have to be a ping as such.... just something to make the connection active again.... its not such a problem only my customers want a Voice over IP system, and I feel that this time-out period may cause problems, can anyone help?
Routers

Avatar of undefined
Last Comment
Dan560
ASKER CERTIFIED SOLUTION
Avatar of ck459
ck459
Flag of Belgium image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Dan560
Dan560
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Sounds confusing but i'll give it a go... would the connection being inactive result in the voice over IP system not to work?
Avatar of ck459
ck459
Flag of Belgium image

Well, what is the VoIP setup? Do you have remote ip phones that do signalisation with a central callmanager (over the VPN)? in that case, the NTP solution would not be necessary, as the VoIP signalling will keep the VPN up (IP phones send regular keepalives with the callmanager).
If the IP phone at a remote site do signalization with a callmanager at the same remote site, and you will do VoIP, tere will be a small delay for the VPN setup when making a call, but it normally won't be noticed.
Avatar of Dan560
Dan560
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Well Im not the one setting it up, we have a telephone engineer configuring the telephone part of it, I thought there would be a possible delay but only for a few seconds...

Its a site to site vpn connection, with I have set up a few weeks ago, would I need to do anymore configuring on my part? For example configuring any firewall rules...Im new enough to configuring routers for a start!
Avatar of ck459
ck459
Flag of Belgium image

Well, try to find out where the phones are communicating to. If there is voice signalization traffic going over the VPN,  the VPN certainly won't go down. (that's why I proposed to enable NTP between the routers, as a matter of fact NTP is kind of a 'time' signallization flow)
It all depends on the voice setup if you need to configure extra firewall rules. For example, if they put the IP phones in a separate VLAN, you might need to add that new IP range to the security domain of you VPN.
That's why it is important for you to know the voice setup as well. Try to get in touch with the voice engineer, and ask him the details of his setup. (does he use a separate VLAN for the IP Phones, does signalling need to travel over the VPN,...)
Kurt
 
Avatar of Dan560
Dan560
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

Hi thanks for your advice, where can I sync my first router with an onlne ntp server?
Avatar of ck459
ck459
Flag of Belgium image

http://www.pool.ntp.org/
you can find public ntp servers on the above page.
to check if it gets synced, do a 'show ntp ass'
 

hostname#sh ntp ass
 
      address         ref clock     st  when  poll reach  delay  offset    disp
+~212.68.213.58    192.53.103.108    2   619  1024  377    11.0    3.02     0.2
+~195.13.23.5      195.13.23.6       2   624  1024  377     6.7    5.51     0.7
*~195.13.1.153     195.13.23.6       2   537  1024  377     8.1   -7.82     0.6

Open in new window

Avatar of ck459
ck459
Flag of Belgium image

Furthermore you should specify the name of your timezone, and configure whether you need daylight savings
most timeservers provide time in UTC, so you should speficy the timezone you're in, and how much it differs from UTC
so in your case : Pacific Daylight Time (GMT-07:00)

clock timezone PDT -7
clock summer-time PDT recurring

Open in new window

Avatar of Dan560
Dan560
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

thanks
when I try to add my server, on the site
Didn't get an NTP response from my IP

do have type in the commands above first, becuase I cant seem to find an IP on that site that i can sync with.
Routers
Routers

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

49K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo