Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Packet drop in L2L VPN tunnel

Hi,

MY ASA5540 has 40 L2L IPsec VPN tunnels to other sites. One of tunnels has packet drop often ( but the tunnel remind up ). Called ISP and confirm its not ISP issue. Is there any method to troubleshoot the issue ? what should I look at in the configuration ? any help will be appericated.

Thanks

2 REPLIES
Silver

Re: Packet drop in L2L VPN tunnel

Verify that ACLs and NAT configurations are Correct. Some times it may also block the traffic.

Most Common L2L and Remote Access IPSec VPN Troubleshooting Solutions

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

Re: Packet drop in L2L VPN tunnel

Kwok Hung Ken Wu,

I'm not sure that they are sending traffic by using udp/4500 or not. In case of ESP when link flapping occurred you may find something about invalid SPI.That would be a problem because the database has not been synchronized. If you're facing this please add a "crypto isakmp invalid-spi-recovery" command for testing.

HTH,

Toshi

817
Views
0
Helpful
2
Replies