We have a pair of ASA5520 ver8.3 firealls running IPSec VPN tunnels to remotes. Initially, we established our first few tunnels and they remained up/operational for long periods of time. We recently connected up another remote 861 router and now our core ASA5520 site drops all tunnels on a fairly recurring basis. In addition, the last remote VPN tunnel constantly drops all day long.
Our Internet connection is clean when we connect a PC up to our External Internet Cisco switch and launch VPN client on PC. Switch interfaces run clean. However, when we normalize our connections, the External Internet switch interfaces start see input errors.
We verified our remotes and ASA5520 MTU sizes at 1500 and that alll speed/duplex on ASA5520s, switches, set to manual 100/full.
What would be causing the External LAN switches to see errors when ASA5520s running dynamic IPSec VPNs to remotes? Can 1 remote cause all head-end VPNs to drp?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...