02-28-2023 11:44 PM
Hi, we have recently launched a Cisco Firepower 1150 (version 7.3.0) for one of our sites, and sometimes strange problems happen with it. One of its interfaces doesn't work properly. For example, the STS VPN between the Cisco ASA and the Firepower disconnects and the remote access VPN doesn't work; however, published sites are available through the internet and the connections seem OK. The solutions that help us resolve the issue temporarily are reloading or switching the active peer. How can we resolve the issue? Thank you!
03-01-2023 02:01 AM
7.3.0 is not yet a recommended release, and I think it doesn't have any patch after the main release. I wouldn't recommend using it in production yet. How many ISPs are connected to the firewalls? Could the issue be related to any routing flapping?
03-01-2023 03:35 AM
Thank you for your reply.
We had problems with the previous version (7.2.2) too and had no choice but to upgrade. We have two interfaces and the STS VPN is configured on both interfaces, but just one interface encounters a problem. The peer firewall is a Cisco ASA, and the attached error is displayed on the ASA while the problem is occurring.
03-03-2023 01:25 AM
You mean there are two interfaces and the S2S VPN is configured on both of them for the same remote peer? Also, could you please issue the command "show crypto ikev2 sa" while having the issue and share the sanitized output?