Here is the sample script to initiate a router reload when the l2tp tunnel goes down. Once the tunnel is down, a router reload is the only way to bring it back up. It doesn't happen very often. I am connected to a 3rd party vpn service through my 3825 box.
Here is the sample EEM script:
This is from Cisco support.... It tracks the syslog message - L2TP: Tunnel state change from established to no-sessions-left event manager applet l2tp-script event syslog pattern "L2TP: Tunnel state change from established to no-sessions-left" action 1.0 cli command "enable" action 2.0 cli command "reload in 00:05" action 3.0 cli command "end"
The problem is that it doesn't reload the router....When I do a debug, I don't see the "Tunnel state change from est......" So, is there something else I should look for in the debugs to use as the trigger event?
Thanks for everyone's time!
Do you actually see that message in your logs? It seems to be a debug output, and not a regular syslog, so it would require debugging to be on...
Can you try and describe what you are trying to achieve?
The router is currently hooked into a 3rd party L2TP VPN service. On the occassion that the tunnel goes down, it will never come back up unless a reboot is done. So, typically when the tunnel goes down, it goes to the state "no sessions left". So, based on the script Cisco support sent me, I don't see the described message in the debug output. So, I think they are referring to a regular syslog message....However, I am unsure of how to set that up to monitor the L2TP state....Debugs I can do...
Thanks for the help.
Got another idea....The L2TP tunnel is using the Virtual-PPP1 interface....What about tracking that interface to see when it goes, because, the tunnel has gone down?
I am not sure if the Virtual-PPP1 interface ever goes down...
We could use some kind of a periodic show command to monitor the L2TP state, and if we identify the problematic state, reload the router.
BTW, do you know why the L2TP tunnel would come back up... I have been doing L2TP for PPP aggregation for years, and would not expect this to be a normal behaviour...
Well, the suggestion I made was maybe to use some variation of the IP SLA and when the virtual-ppp1 interface say deosn't respond to a ping anymore, reboot the router after 10 mins. The router is setup as site-to-site. I have no control over the far end configuration. It looks like they are running a linux variant of openl2tp....So, when the connection goes down, there is no way to bring it back up without doing a router reboot on my end.....
So, I am looking at this 2 ways....
1. I have started a l2tp debug to catch the correct syslog message when the link goes down and reboot.
2. OR I am gonna try this link : https://supportforums.cisco.com/thread/2201614
and modify it to reboot if pings fail.
Found what I was looking for....
Gonna do a debug on the L2TP interface and grab the correct syslog messages when it comes up and goes down...
I'll let you know...
I found the solution and modified it to monitor the virtual-ppp1 interface when it goes down and comes back up...
I based it on the script used in this link.
So, here is the script I am using....
When the L2TP tunnel goes to "no sessions left", the virtual-ppp1 interface goes down. That's the typical message I get when it goes down. So, when I reboot the router, the script shows the message that the virtual-ppp1 interface is up when the L2TP tunnel comes up. I checked the debugs and that is the behaviour when the tunnel goes up / down...
Here you go:
event manager applet L2TP-DOWN
event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to down"
action 1.0 syslog msg "The L2TP VPN is down"
action 1.1 cli command "enable"
action 1.2 cli command "reload in 10" pattern "confirm"
action 1.3 cli command ""
action 1.4 syslog msg "EEM scheduled reload in 10 minutes"
event manager applet L2TP-UP
event syslog pattern "%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-PPP1, changed state to up"
action 1.0 syslog msg "The L2TP VPN is up"
action 1.1 cli command "enable"
action 1.2 cli command "reload cancel"
Sorry for not responding... Was out of the office...
The scripts look good to me, but I am still curious to understand why you need to reload the router in the 1st place...
Maybe just removing some piece of the config (and re-adding it), or just some shut/no shut is enough?
Soooo, I have had some time to look at this and here is the weirdness....btw, thanks for the response.
The l2tp will go down when i do a "show l2tp", however, the virtual-ppp1 interface is UP with an ip. So, the script I am using, based on the logs, sometimes kicks in. However, I noticed today that the virtual-ppp1 interface was UP and the l2tp was down.....hmmmm. I have looked at the logs and am not sure how to modify the script to bring the tunnel back up. What happens is that the tunnel will keep trying to come and the logs show the tunnel is shut down for " administrative reasons"? Huh? It's a repetitive process unless I reboot....
There must be a way to include the the l2tp state in the script...When I do a show l2tp, obviously, it shows the state as "est". If it goes down, the same command shows "%No active L2TP tunnels". So, I've got the tunnel down syslog....how about a syslog that shows the tunnel is up?????? It looks like I need a syslog message with the % sign to trigger the event....