I have one Ikev2 site-to-site tunnel which has been stuck in this state:
Session-id:15, Status:UP-IDLE, IKE count:1, CHILD count:0
Tunnel-id Local Remote Status Role 1319195545 x.x.x.x/4500 y.y.y.y/4500 READY RESPONDER Encr: AES-CBC, keysize: 256, Hash: SHA256, DH Grp:19, Auth sign: PSK, Auth verify: PSK Life/Active Time: 28800/1080711 sec
Active Time has passed the lifetime a long ago. 'clear crypto ikev2 sa' or 'clear ipsec sa peer y.y.y.y' won't terminate the tunnel. What can be done to terminate this tunnel? Rebooting the firewall isn't really a solution...
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...