Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Bring up VPN by removing and re-adding crypto map to interface

I can't figure out what is wrong. The EEM runs correctly up to action 5.2. I need to have the router wait 300 seconds before putting crypto map VPN back onto int d1.

event manager applet bring_up_VPN

event syslog pattern "%DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1"

action 01.0 cli command "enable"

action 02.0 cli command "conf t"

action 03.0 cli command "int d1"

action 04.0 cli command "no cryp map VPN"

action 05.0 cli command "event manager applet enable_VPN"

action 05.1 cli command "event timer countdown time 300"

action 05.2 cli command "action 1.0 cli command enable"

action 05.3 cli command "action 2.0 cli command $q conf t$q"

action 05.4 cli command "action 3.0 cli command $q int d1$q"

action 05.5 cli command "action 4.0 cli command $q crypto map VPN$q"

action 05.6 cli command "action 5.0 cli command end"

action 05.7 cli command "no event manager applet enable_VPN"

action 06.0 cli command "end"

2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

Bring up VPN by removing and re-adding crypto map to interface

Do you have the following configured:

event manager environment q "

Cisco Employee

Bring up VPN by removing and re-adding crypto map to interface

I missed something.  The commands are running, but then you unconfigure the timer applet in the syslog applet.  That essentially negates the nested commands.  Swap actions 05.6 and 05.7, and change the new 05.6 to:

action 05.6 cli command "action 5.0 cli command $q no event manager applet enable_VPN$q"

And new action 05.7 to:

action 05.7 cli command "action 6.0 cli command end"

9 REPLIES
Cisco Employee

Bring up VPN by removing and re-adding crypto map to interface

Do you have the following configured:

event manager environment q "

New Member

Bring up VPN by removing and re-adding crypto map to interface

I don't have that configured. Is that needed so that $q acts as "?

Cisco Employee

Bring up VPN by removing and re-adding crypto map to interface

Yes.

New Member

Bring up VPN by removing and re-adding crypto map to interface

This is what I have now. Is it correct?

event manager environment q "

event manager applet bring_up_VPN

event syslog pattern "%DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1"

action 01.0 cli command "enable"

action 02.0 cli command "conf t"

action 03.0 cli command "int d1"

action 04.0 cli command "no cryp map VPN"

action 05.0 cli command "event manager applet enable_VPN"

action 05.1 cli command "event timer countdown time 500"

action 05.2 cli command "action 1.0 cli command enable"

action 05.3 cli command "action 2.0 cli command $q conf t$q"

action 05.4 cli command "action 3.0 cli command $q int d1$q"

action 05.5 cli command "action 4.0 cli command $q crypto map VPN$q"

action 05.6 cli command "action 5.0 cli command end"

action 05.7 cli command "no event manager applet enable_VPN"

action 06.0 cli command "end"

Cisco Employee

Bring up VPN by removing and re-adding crypto map to interface

Yes, that looks right.

New Member

Bring up VPN by removing and re-adding crypto map to interface

None of the lines with $q ever happen. I don't understand what is missing.

Cisco Employee

Bring up VPN by removing and re-adding crypto map to interface

I missed something.  The commands are running, but then you unconfigure the timer applet in the syslog applet.  That essentially negates the nested commands.  Swap actions 05.6 and 05.7, and change the new 05.6 to:

action 05.6 cli command "action 5.0 cli command $q no event manager applet enable_VPN$q"

And new action 05.7 to:

action 05.7 cli command "action 6.0 cli command end"

New Member

Bring up VPN by removing and re-adding crypto map to interface

I made the changes as you suggested. Now we just need to wait for the event to happen.

New Member

Bring up VPN by removing and re-adding crypto map to interface

It worked. Thanks Joseph.

662
Views
0
Helpful
9
Replies
CreatePlease login to create content