ASA 5520 8.4(7)31 stoped encrypt interesting traffic to Azure VPN

jdonjuanl · ‎07-17-2018

Hello

We had a working VPN tunnel to Azure and suddenly ASA stopped encrypt traffic and after several tshoot steps we reboot the ASA and the VPN work again.

We use IKEv2 for the VPN and the Azure VPN is the only VPN in the ASA.

Is there any bug in version 8.4.(7)31 related to this issue?

Regards

johnlloyd_13 · ‎07-18-2018

hi,

were you able to capture the show crypto isakmp and show crypto ipsec sa output?

jdonjuanl · ‎07-18-2018

Hello

I don't have the output but I saw that the counter of encrypt pkts was 0 and the decrypt was incrementing.

Pravin Raj Kanagaraj · ‎07-18-2018

This can be of various issue, always try to reset VPN connections and then try to reboot the ASA.

Is this a HA environment?

Regards,
Pravin Raj K
Network Engineer

jdonjuanl · ‎07-18-2018

Hello

We reset the VPN but it took more than 60min to appear as UP again.
no HA enviroment.

Regards

Pravin Raj Kanagaraj · ‎11-19-2018

try to debug the vpn traffic, you can work with the debugs.

Regards,
Pravin Raj K
Network Engineer