Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Easy VPN goes down on the DHCP connection

Hi folks,

I am starting to pull out my hair in the attempt to understand why the router's interface goes administratively down when the easy VPN client drops the tunnel.

Here's the excerpt from the router log when it happens:


086251: Nov 18 01:04:08.705: %CRYPTO-6-EZVPN_CONNECTION_DOWN: (Client) User=Store1301 Group=Stores

086252: Nov 18 01:04:10.689: %LINK-5-CHANGED: Interface FastEthernet4, changed state to administratively down

086253: Nov 18 01:04:11.689: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet4, changed state to down

086254: Nov 18 01:04:13.692: %LINK-3-UPDOWN: Interface FastEthernet4, changed state to up

086255: Nov 18 01:04:14.692: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet4, changed state to up

086256: Nov 18 01:04:18.811: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet4 assigned DHCP address, mask, hostname 1301_Lascolinas

086257: Nov 18 01:04:19.582: %CRYPTO-4-IKMP_NO_SA: IKE message from has no SA and is not an initialization offer

086258: Nov 18 01:04:20.374: %CRYPTO-6-EZVPN_CONNECTION_UP: (Client) User=Store1301 Group=Stores NEM_Remote_Subnets=


FastEthernet4 is configured to receive an IP via DHCP. I checked the lease time and it turned out to be pretty short:

1301_Lascolinas#show dhcp lease

Temp IP addr: for peer on Interface: FastEthernet4

Temp sub net mask:

DHCP Lease server:, state: 4 Rebinding

DHCP transaction id: 660

Lease: 600 secs, Renewal: 300 secs, Rebind: 525 secs

Even if it is short the router should renews its IP and it is not supposed to bring down the interface.

Is there any way to use a loopback interface for easy VPN client so that VPN always stays up?




Re: Easy VPN goes down on the DHCP connection

The loopback interface can be set to use the easy vpn client.

The command used for assigning loopback interface is

Router(config)#interface loopback

The number can be between 0 and 2147483647

A loopback interface is automatically put in "no shutdown" state when created. However, you need to assign an ip address to use a loopback interface.

CreatePlease to create content