07-05-2019 08:16 AM - edited 02-21-2020 09:16 AM
If you look at the L2L VPN Session, you will see nothing in the session list.
The configuration
one ASA5525 (headquarters) and two ASA5516 (branch offices) are connected
5525's outside IP is connected to Dynamic.
I attach running-config.
Help me plz!!!
Solved! Go to Solution.
07-05-2019 09:44 AM - edited 07-15-2019 01:58 AM
The reason was simple.
L2L traffic must occur between Inside and Inside to establish a session.
I now realize that there is a timeout in the L2L session.
07-05-2019 08:39 AM
Quick look done - I believe you do not have any setup for IKEv2 sessions configured.
Do you see any issues around ? or is this just for clarification ?
07-05-2019 08:53 AM
Hi. balaji.bandi.
Have you see the config I attached?
I had set up IKEv2 and had no problems so far.
I still think it's okay, but I think the VPN session is probably off for a while.
I think we need to generate L2L traffic.
However, as a remote user I do not know how to generate L2L traffic.
07-05-2019 09:12 AM - edited 07-05-2019 09:15 AM
if the no interesting traffic passing between that VPN - make sense it was down. - to check you can ping other side device from your allowed ACL list to see other side any decryption take place.
Thank you, may be missed that attachment, let me review and comment back.
07-05-2019 09:44 AM - edited 07-15-2019 01:58 AM
The reason was simple.
L2L traffic must occur between Inside and Inside to establish a session.
I now realize that there is a timeout in the L2L session.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide