03-02-2018 04:54 PM - edited 02-21-2020 07:27 AM
Mar 2 17:42:00 auripsec03 : %ASA-4-113019: Group = X.X.X.X, Username = X.X.X.X, IP = X.X.X.X, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:09m:50s, Bytes xmt: 27205, Bytes rcv: 14708, Reason: Peer Reconnected
I see a continuous disconnect and reconnect messages form one of my L2L IPSEC vpn connection every 10 minutes or 5 minutes.
Can anyone explain the reasons for these occurrences and i also don't have access to the peer device. But i managed to paste some debug logs from my device.
Mar 02 12:59:36 [IKEv1]Group = x.x.x.x, IP = x.x.x.x, PHASE 2 COMPLETED (msgid=cdd110d3)
Mar 02 12:59:46 [IKEv1]IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=cc6a183c) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 64
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, processing hash payload
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, processing delete
Mar 02 12:59:46 [IKEv1]Group = x.x.x.x, IP = x.x.x.x, IKE Received delete for rekeyed centry IKE peer: x.x.x.y, centry addr: 313aa750, msgid: 0xff1477ae
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, Active unit receives a delete event for remote peer x.x.x.x.
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, IKE Deleting SA: Remote Proxy x.x.x.y, Local Proxy A.B.C.D
Mar 02 12:59:46 [IKEv1]IP = x.x.x.x, IKE_DECODE RECEIVED Message (msgid=4fe221eb) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 64
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, processing hash payload
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, processing delete
Mar 02 12:59:46 [IKEv1]Group = x.x.x.x, IP = x.x.x.x, IKE Received delete for rekeyed centry IKE peer: x.x.x.y, centry addr: 30711990, msgid: 0xf96ab765
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, Active unit receives a delete event for remote peer x.x.x.x.
Mar 02 12:59:46 [IKEv1 DEBUG]Group = x.x.x.x, IP = x.x.x.x, IKE Deleting SA: Remote Proxy x.x.x.y, Local Proxy E.F.G.H
03-04-2018 03:01 PM
My2Cents:
ASA is receiving delete from the peer device. In my opinion you should focus on peer device and if possible collect debugs from both end at the same time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide