Re: FMC VPN Status Health Event keeps repeating

rcullum · ‎05-11-2018

Our FMC keeps throwing in the same VPN status event "VPN tunnell between FWA/peerip/subnetX and FWB/peerip/subnetY is inactive due to to Deleted backup session"

Firstly any idea what a backup session refers to? If its a VPN SA, well I've checked the Firewalls and the VPN SA for these subnets is ok on each side. Traffic is being encrypted/decrypted, SPIs match. I have no inactive SAs on the FTDs. So why does FMC keep reporting this?

Secondly, since it'sthe same message every 2-3 mins including the subnets in question, shouldn't the Health Events Value column count increment instead rather than generating a new message?

smylieguy · ‎05-12-2020

I'm seeing the same issue and would like to know if this was ever fixed.

gwccnetops · ‎05-12-2020

adammckay1 · ‎01-18-2021

We're seeing this as well, but for VPN configurations that overlap with another's extranet protected networks (as a backup session). The errors point to it being a critical issue, but the other session is up and traffic is flowing as expected.

These VPN sessions are to AWS and Azure.

I believe this only appeared for us after upgrading from 6.4.0.5 to 6.6.1 for the FMC 1000. Any ideas? It's just adding to the list of alerts we're getting that are of no significance to us.

NikolayKostov88625 · ‎04-23-2021

If anyone has discovered what could be the reason please share. I have a policy based routing and have routed all the traffic from one site to the HQ. After that change the message keeps rolling in. Everything seems to be working as the tunnel is up and i can pig bidirectional as well as all the routes to internet and all is going trough the tunnel.

Thanks in advance.

PS: version 6.7

cmazur · ‎11-19-2021

Did anyone ever get an answer to this string? I have been getting the same for quite a while and everything seems to be working. Just want to know if I have something misconfigured that would cause this.Thank You

NetSecNW · ‎08-25-2023

I also would be interested in a resolution to this. Im having the same issue, VPN is all working but have a critical health alert.

ammodevgun · ‎10-17-2023

I am having the same issue however, it is reporting VPN tunnels being down with the alert originating from the standby FTD. The VPN tunnel is connected and working on the active FTD.

kiranraj · ‎02-01-2024

Did anyone find a resolution for this issue? We are receiving the same error. Please let me know if anyone found anything.

d.halson · ‎05-13-2024

Did anyone find a resolution for this issue? We are receiving the same error

cjkaufman@dmgov.org · ‎05-21-2024

I am getting this critical error also on v 7.2.6. Our tunnel with Azure is operating as expected, so unsure where this error is coming from. It would be appreciated if the Cisco Moderator who is managing this forum could provide some input as19 other people have reported the same issue. Thank you.

Chess Norris · ‎05-27-2024

Just starting seeing the same error on FMC version 7.2.7 that was upgraded from 7.2.4 last week. Didn't noticed this before.

liu@its.aau.dk · ‎08-26-2024

I am running FMC 7.2.4 with 2 FTDs in high availability, site-2-site vpn is configurered against Azure and works fine. But both FTD (active/standby) have this alert app every 5 minutes,

Danny Dulin · ‎10-31-2024

Did anyone get a resolution on this? We have just upgraded to 7.2.9 connecting to an AWS Peer.

buffkata · ‎10-10-2024

Same here - it started after a Snort crash v.7.2.8.1 !