Many people are using VPN technology today to ensure data confidentiality between remote locations. When using a site-to-site VPN (say, between a router and a firewall), a common complaint among end users is an intermittent delay before VPN traffic succeeds. This is usually due to Security Associations (SAs) becoming too old and requiring a 'VPN refresh'; while the VPN devices are refreshing the SA, the user sits and waits.
A simple solution to this is to have the router generate traffic, simulating user traffic and keeping the VPN active.
We can do this with a Round Trip Responder (RTR):
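config terminal
rtr 1
type echo protocol ipIcmpEcho <remote-LAN-address> source-ipaddr <local-LAN-address>
frequency 3600
rtr schedule 1 life forever start-time now
The preceding configuration sets up a Cisco router to generate ICMP echo traffic between the LANs through the VPN, keeping the SAs refreshed. Replace <remote-LAN-address> with a host on the remote LAN and <local-LAN-address> with the router's LAN interface address, so that the echo is sourced from the local LAN and matches the traffic the VPN protects.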
Short and sweet. We hope this helps.