DMVPN-5-CRYPTO_SS:socket is DOWN

R Manjunatha · ‎09-18-2024

Hi

The DMVPN tunnel was reset, which caused the BGP session to reset as well. We observed that the DMVPN crypto socket is down. What could be the issue? We suspect it might be related to the ISP, but they have reported no abnormalities in their logs

DMVPN-5-CRYPTO_SS:tunnel 1 :local address xxxxx remote tunnel addressXXXX socket Down

Enes Simnica · ‎09-19-2024

hey there. The DMVPN tunnel crypto socket going down suggests a potential issue with the ISP, despite no abnormalities in their logs. Check for intermittent packet loss, routing changes, or subtle connectivity issues by running continuous ping or tracert tests to the ISP gateway or remote peers.

Also (it might be) if NAT is being used on the ISP side or between you and the remote site, it could affect the DMVPN tunnel. The socket down message might be a result of the crypto key exchange being interrupted by NAT inconsistencies.Verify if any changes were made to the NAT configuration by the ISP or local firewall.

-Enes

more Cisco?!
more Gym?!