I am experiencing a problem with VPN connections in one of my remote routers. The physical interface Serial 0/0 is down and we are troubleshooting the circuit connection with the vendor. This router has (2) tunnel interfaces built back to host site routers using this serial interface that is down. The output from show interface tunnel(x) indicates Tunnelx is up, line protocol is up, for both tunnels. I cannot PING from the IP address of the interface at this end of the tunnel to IP address of the interface at the host end of the tunnel, indicating there is no routing between these addresses. Is the Tunnelx is up, line protocol is up reported in error or can someone explain how the up / up status is determined?
Re: Question regarding interface status of VPN tunnel
All Interface status is determined by "keepalives". By default Tunnel interfaces have keepalives disabled (the keepalives don't even work on Tunnel until somewhere in one of the 12.2 T train releases). Most all other interfaces (serial, ethernet) have default keepalives of every 10 seconds.
When you issue a 'show interface' you should see your keepalive setting about 6 or 7 lines down.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :