Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
475
Views
3
Helpful
4
Replies

FTDv outside interface problem

dyakovsky
Level 1
Level 1

ā€Ž03-25-2023 04:44 AM - edited ā€Ž03-25-2023 04:55 AM

I have a problem with my FTDv 7.3.1 on ESXi. When I start uploading a large file over L2L VPN using SCP or SFTP between the server and the remote host, after a while the outside FTDv subinterface becomes unavailable and IPSec is aborted. After a few minutes, the subinterface becomes available. I tried it many times and always I got this problem.
I tried restarting FTDv and the problem was fixed after that, but I don't know if it will come back again.
What can I do to find the cause and fix it?

4 Replies 4

MHM Cisco World
VIP
VIP

ā€Ž03-25-2023 06:45 AM

are you use any IP SLA ??
the icmp can drop before interface congestion and this make the interface UP/DOWN 

0 Helpful

dyakovsky
Level 1
Level 1
In response to MHM Cisco World

ā€Ž03-25-2023 12:40 PM - edited ā€Ž03-25-2023 12:42 PM

No, I didn't set up an IP SLA. I have another FTDv in the same version. And it doesn't have that problem.

MHM Cisco World
VIP
VIP
In response to dyakovsky

ā€Ž03-26-2023 04:27 AM

check if there is any fragment that lead to high CPU utilize and this make some control packet drop and make the link flapping 

0 Helpful

dyakovsky
Level 1
Level 1
In response to MHM Cisco World

ā€Ž03-26-2023 09:06 AM

Thanks for advice. Right now FTD is working well, I can't reproduce this issue, but I'll keep an eye on it.

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card