L2L VPN is down everyday - troubleshooting help !

Unanswered Question
Jul 29th, 2008

Hi all,

I have a customer having ISR router (spoke) - Symantec firewall (Hub) VPN, one of the spoke site goes down once or twice each day during the working hours. By looking at Symantec firewall log, it's really hard to figure out which side teared down the connection.

Here are some of my thoughts, please input your idea :

1. the VPN was established, so I don't think anything wrong with VPN configuration, not sure if any lifetime timeout could force the connection broken.

2. the remote site's connection is pppoa dsl line, customer said they opened the ticket with ISP and was told line is fine. I just want to find the evidence form my side.

The customer site is a warehouse far from ISP DSLAM, how can I debug the ISR router to see if it's a dsl connection issue.

Thanks,

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ggilbert Wed, 07/30/2008 - 09:31

Debugs you can run on the ISR router

"deb cry isa" & "deb cry ipsec"

You can send them to a syslog server and make sure you set the syslog command on the router to send the debug messages.

With these information we can figure out what is happening.

Gilbert

Actions

This Discussion