Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA v7.2 - VPN tunnel problems

Hi all,

I am getting some problems with a Site to Site VPN from the last two weeks. In some occasions it stops to send traffic through the VPN without any apparent reason. I have other VPNs that continue working fine. While it is failing I have run the command "show crypto isakmp sa" and I have found that I have two entries for the peer that is failing:

9 IKE Peer: x.x.x.x

Type: L2L Role: responder

Rekey: no State: AM_REKEY_DONE_H2

10 IKE Peer: x.x.x.x

Type: L2L Role: initiator

Rekey: yes State: MM_ACTIVE_REKEY

Any idea about what is happening?

On the other hand at the moment the only way to solve this has been using the command "clear crypto isakmp sa" but the problem is that this command clear all the entries and I lose the connectivity in all the other tunnels until the are established again. Is there any way to clear only the tunnel that has problems?

Regards, Fernando.

4 REPLIES
New Member

Re: ASA v7.2 - VPN tunnel problems

clear crypto ipsec sa peer 1.1.1.1

New Member

Re: ASA v7.2 - VPN tunnel problems

Thanks!!!

I will try it the next time that it happens.

Any idea about why I am getting this problem?

Regards, Fernando.

New Member

Re: ASA v7.2 - VPN tunnel problems

How often would you say that this vpn goes down?

New Member

Re: ASA v7.2 - VPN tunnel problems

A couple of times each week.

In some occasions a couple of times in the same day.

Why does it happen? Is it a configuration problem? Is there anything that I can do?

Regards, Fernando.

1786
Views
0
Helpful
4
Replies
CreatePlease to create content