Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 871, 12.4(22)T: VPN tunnel up, VPN LED not lit

As in the thread title - quite an amusing issue:

An 871 running a site to site IPSec VPN - the tunnel is up and running fine, but the LED VPN is never lit. Do you know what criteria does IOS use on the 800 series to decide whether to lit the VPN LED? Does it depend on _which_ interface a crypto map is applied to?

In my case, I have:

fa0,fa1: VLAN20, LAN

fa2,fa3: VLAN10, WAN

It's configured to be sent to a remote site, basically a turn-key setup, so this way it's less likely that someone will have any problems connecting it to their network.

Note that I'm not using fa4 at all - the crypto map is applied to Vlan10 SVI. Can this be the reason why the LED is not lit?

I have a preconfigured "black box" 871 from one of our partners on my network with exactly the same setup (interface-wise) - fa0,fa1 LAN, fa2,wa3 WAN, and the VPN LED is lit. Both 871's run ADVIPSERVICES as they run multicast / PIM.

So, not a critical issue, but I'm just curious - all suggestions very welcome. Any ideas? Can this just be a software / release issue?

Many thanks,


Cisco Employee

Re: Cisco 871, 12.4(22)T: VPN tunnel up, VPN LED not lit


Yes, this looks like a software issue. Have you tried downgrading/upgrading to see if the problem goes away. Eventhough the VPN LED is not lit, this should not cause any issues with the IPSEC Tunnel itself.

One thing worth mentioning is, if you are not able to upgrade/downgrade, just make sure that you update the end user and help desk on this VPN LED Issue and have them include additional steps in troubleshoooting.

Also, below is a bug id that you might be interested in - CSCsv01869



*Pls rate if it helps*