The IPSec tunnel does not come UP for interesting traffic
We have the tunnel with one of our business partner. We have an 1841 router at ouor end and they have ASA at their end. The traffic does not come UP when they start the intresting traffic 'sometimes'. When it does not come UP even after the traffic form their side, we have to re-establish the tunnel by 'clear crypto isa sa XYZ'. We have some more such tunnels on this router and they do not have this problem.
Our ACL's match, and tunnel works fine if we let it re-negotiate it.
The router at our side has this logs every now and then, almost everyday atleast 3-4 times:
Has the tunnel not coming up to do something with this log. I have not tried to increase the default value of 'datagrams to reassemble' at the inteface to get rid of this log.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...