<div>
Thanks!!!<br />
<br />
Frank
</div>


<div>
<div class="content wysiwyg-content">
Hi,<br />
&nbsp;<br />
I've implemented a Dynamic to Static Site-to-Site IPSec VPN between a ASA5505 on a vessel and the headquarters. Now, this solution doesn't allow the HQ to initiate the IPsec connection. &nbsp;<br />
&nbsp;<br />
In the Vessel network, there is a router behind the ASA5505. I heard that if I want to keep the tunnel up, so that HQ clients can initiate traffic to remote clients through the tunnel, I'd need to run IP SLA icmp probes on the router behind the ASA.<br />
&nbsp;<br />
Could someone explain how to implement it? <br />
&nbsp;<br />
Thanks for your help.<br />
<br />
Frank
</div>
</div>


Hi,
 
I've implemented a Dynamic to Static Site-to-Site IPSec VPN between a ASA5505 on a vessel and the headquarters. Now, this solution doesn't allow the HQ to initiate the IPsec connection.  
 
In the Vessel network, there is a router behind the ASA5505. I heard that if I want to keep the tunnel up, so that HQ clients can initiate traffic to remote clients through the tunnel, I'd need to run IP SLA icmp probes on the router behind the ASA.
 
Could someone explain how to implement it? 
 
Thanks for your help.

Frank

Dynamic-to-Static L2L IPSec VPN

Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite.