We have a Vigor 2820, Firmware Version: 3.3.3_232201.

We are creating a VPN on the second interface to a PIX 506 6.3.3 like we have done hundreds of times before (both connected to the same switch.) We have however run into a problem setting this up and it seems to be a problem with the dead peer detection.

The PIX we found was having the SA taken down by the vigor so we had a look at the vigor. The syslog message we get states that the DPD is timing out this expires the SA.

Vigor: DPD timeout and expire SA...ifno=16

We are using a completely standard PIX config and have tested it with other VPNS.

Any ideas on why the DPD is failing, I notice that there was a update in a resent patch I am wondering if this broke something?

Can we disable the DPD on the vigor if so how?

P.S. While typing this message, someone has set up the same between the vigor and a 515E 6.3.3 and is getting the exact same problem.

Regards,

MONK