I am relatively new to VPN's, but I've recently been assigned to supporting the concentrator. We've got a 3005 concentrator running version 3.0.
The problem I've got is that once in a while, the device "freezes" and the only way to clear it is to physically shut down and restart it. When I view the event log; there are no entries between the time I've lost contact and when I've restarted the device. I hope that someone may have seen this and knows how to correct it.
I'm not sure if this is the same thing, but I am seeing a similar "behavior".
We are currently having this problem on Version 3.5.2, on a 3030. It happens about every 10days-2weeks. Not predictable and not re-producable at will.
We are working with TAC and Development folks on how to better get them additional info when it happens again.
I have been sent a debug version of 3.5.2, but I can't get any directions from TAC on what to do when it hangs again, except to call - during the hours of 8am and 4pm. Outside those hours, we have no recourse but to re-boot and hope it happens again during the hours listed. Obviously, a situation that is making me more un-happy. Local Cisco CE and Sales Rep are now in the loop.
Further - we have a second 3030 configured with VRRP. The behavior we see, is that the internal and external interfaces stop responding to pings and connect attempts. We access the concentrator via the console and find it to be running at 100%CPU. VRRP has not failed over. As soon as we re-boot, VRRP kicks in, for the duration of the re-boot, so I know my VRRP config is ok. Once re-booted the Master takes back over and life is good... for a while.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...