×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Tunnel down issue with crypto applied

Unanswered Question
Jun 28th, 2012
User Badges:

Hi,


We have one central Router 3845  having tunnel's configured for the remote sites and having crypto map Applied on these interfaces.

The remote site's Router having crypto map applied on the serial (WAN) interface.


Issue: As per discussion with concern whenever there is WAN Link flapping then the respective tunnel gets down but the source/destination IP addresses reachable and getting ping but when crypto map is removed from any tunnel (Primary or Backup) then tyhe tunnel gets UP showing protocol UP.


Attaching here show tech for both the central Router/Remote Router. Confirm us if there is any BUG impact for this tunnel down issue with crypto map in case if WAN Link flap.


Regards,

Ashutosh

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
HCL Support Sun, 07/01/2012 - 21:25
User Badges:

Hi,


Can any one suggest me on this case??

The respective logs already attached there to checkout the same.


Regards,

Ashutosh

sukanyachavan Mon, 07/02/2012 - 05:30
User Badges:

Hi,


You mentioned that WAN link is flapping. If it s flapping, it is very much possible that you might be having intermittent contectivity and hence you can ping the remote sites.

However as far as concern regarding the Tunnels state down is, it is staying down as cypto session might not be able to get up for long time as WAN link is flapping.


Can you do a ping with erpeat count of 1000 and check how many packet are getting failed when this happend.

Also keep terminal monitor on while you do this, so that tunnel flaps and WAN link flaps can be observed.


Regards,

Sukanya

HCL Support Tue, 07/03/2012 - 03:16
User Badges:

Hi,


Thanks for your response.


As per discussion with the concern, the respective WAN Link is not flapping continue but goes down once on some particular day and when the Link gets restored then tunnel remains down and the source/destination IP addresses reachable and getting ping but when crypto map is removed from any tunnel (Primary or Backup) then the tunnel gets UP showing protocol UP.


Suggest if there is some BUG impact as I have checked the running IOS is deferred with Cisco.


Regards,

Ashutosh

Actions

This Discussion