Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1373
Views
5
Helpful
2
Replies

IKE preshared key lifetime stuck after failover

russell.sage
Level 3
Level 3

‎10-20-2022 08:22 AM

I have a pair of ASA 5585-x firewalls in HA mode - after a failover we are seeing VPN's comes becoming non-responsive up to 9hrs after failover. The investigation has indicated that the preshare key isn't be renegotiated when the lifetime counter times out. Resulting in the need to clear vpn and impacting customer service

We are currently running 9.8.4(20) can't find any indication of a bug.

Anyone else experienced this issue?

 

2 Replies 2

MHM Cisco World
VIP
VIP

‎10-20-2022 08:32 AM

ASA failover outside interface use to connect to other peer
the only case here that the Outside IP is not exchange from active to standby when active is failed.

0 Helpful

russell.sage
Level 3
Level 3
In response to MHM Cisco World

‎10-23-2022 11:59 PM

We have 53 vpn's terminating or traversing these ASA's if there was a routing or IP issue wouldn't impact all of them

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card