Connection : X.X.X.X
Index : 7 IP Addr : X.X.X.X
Protocol : IKEv1 IPsec
Encryption : IKEv1: (1)AES256 IPsec: (1)AES256
Hashing : IKEv1: (1)SHA1 IPsec: (1)SHA1
Bytes Tx : 400 Bytes Rx : 400
Login Time : 22:06:56 UTC Tue Jun 15 2021
Duration : 0h:18m:00s
Tunnel Zone : 0
IKEv1 Tunnels: 1
IPsec Tunnels: 1
IKEv1:
Tunnel ID : 7.1
UDP Src Port : 500 UDP Dst Port : 500
IKE Neg Mode : Main Auth Mode : preSharedKeys
Encryption : AES256 Hashing : SHA1
Rekey Int (T): 86400 Seconds Rekey Left(T): 85319 Seconds
D/H Group : 5
Filter Name :
IPsec:
Tunnel ID : 7.2
Local Addr : A.A.A.A/255.255.255.255/0/0
Remote Addr : B.B.B.B/255.255.255.128/0/0
Encryption : AES256 Hashing : SHA1
Encapsulation: Tunnel
Rekey Int (T): 28800 Seconds Rekey Left(T): 27719 Seconds
Rekey Int (D): 4608000 K-Bytes Rekey Left(D): 4608000 K-Bytes
Idle Time Out: 0 Minutes Idle TO Left : 0 Minutes <<<<<<<---------------
Bytes Tx : 400 Bytes Rx : 400
Pkts Tx : 4 Pkts Rx : 4
Idle Time Out counter must be set to 0 Minutes instead of 30 minutes and the VPN must remain
active regardless of the activity/traffic running over it.
Note: At the time of writing, there exists an Enhancement Bug to integrate the ability to
modify this setting directly on FMC without the need of Flexconfig. See Cisco bug ID
CSCvr82274 - ENH: make the vpn-idle-timeout configurable
Troubleshoot
There is currently no specific information to troubleshoot available.
Related Information
Firepower Management Center Configuration Guide, Version 7.0 - Chapter: FlexConfig
Policies for Firepower Threat Defense
●
Firepower Management Center Configuration Guide, Version 7.0 - Chapter: Site-to-Site
VPNs for Firepower Threat Defense
●
Technical Support & Documentation - Cisco Systems
●