Site-to-site VPN Tunnel not rebuilding after internet loss on either end

tylerlucas · ‎01-03-2008

Hi,

I have two sites which are connected by a site-to-site VPN tunnel.

If either site loses their internet connection (for any reason), the connection doesn't automatically rebuild. The only way I have found to fix the issue is to 'clear crypto session" on the head end.

Anyone have any clue what could be causing this? Pretty standard configuration I thought..

Danilo Dy · ‎01-04-2008

Hi,

What did you see in the log?

You may need to update the IOS. In Router S2S VPN, there is a bug when connection is terminated abruptly - may be present to PIX/ASA as well.

I have similar problem and was fixed by IOS update.

Regards,

Dandy

tylerlucas · ‎01-04-2008

Which logs should I be looking at when this occurs? I'm fairly new to VPNs.

I could recreate the issue after hours and take a peek.

tylerlucas · ‎01-04-2008

For the record, the head end is on a 2821, and the other end is on an 877.

Danilo Dy · ‎01-05-2008

Hi,

Can you post the "show ver" output of both routers?

I can't remember the exact text in the log but it's with "SPI". Cisco solution is to clear the sa.

Regards,

Dandy