
IP SLA

SajeshB
Level 1

Hi

I have an IPsec tunnel between my Cisco router and a Cisco ASA managed by another team. Is there any way to configure monitoring toward the peer device for UDP port 500, or for the traffic inside the tunnel, without configuring anything (such as an IP SLA responder) on the Cisco ASA end?

This is because we have had multiple issues with the same IPsec peer where we ended up seeing no UDP 500 packets from the peer, or no decap packets from the peer. This implementation is for monitoring, or to provide some kind of monitoring mechanism for the IPsec tunnel.

2 Replies

balaji.bandi
Hall of Fame

If that fails, your tunnel will also be disconnected, right?

On what basis do you think that is the issue?

Just a thought on how we can do this: maybe you can try setting up an EEM script to monitor and generate logs.

#traceroute x.x.x.x numeric probe 1 port 500

BB

=====Preenayamo Vasudevam=====


You can run IP SLA from the local LAN to the remote LAN, and since this traffic is encrypted by the IPsec tunnel, the traffic will by default use UDP 500.
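
The LAN-to-LAN IP SLA probe and the EEM logging idea from the replies above, combined into one router-side configuration that needs no IP SLA responder on the ASA. This is an added example, not configuration posted by anyone in the thread. Assumptions: 192.0.2.10 (remote LAN host), 203.0.113.1 (ASA peer) and GigabitEthernet0/1 (local LAN interface) are placeholders, the remote host answers ICMP, and the probe's source and destination match the tunnel's crypto ACL.

```ios
! ICMP echo needs no responder on the far end. Sourcing it from the LAN
! interface makes the probe match the crypto ACL and travel inside the tunnel.
ip sla 10
 icmp-echo 192.0.2.10 source-interface GigabitEthernet0/1
 frequency 30
ip sla schedule 10 life forever start-time now
!
! Track object follows probe reachability. The delay suppresses flaps
! caused by a single lost probe or a rekey.
track 10 ip sla 10 reachability
 delay down 60 up 30
!
! On failure: raise a syslog message and capture the SA counters so the
! encaps/decaps values at the time of the outage are kept for later review.
event manager applet IPSEC-PROBE-DOWN
 event track 10 state down
 action 1.0 syslog priority warnings msg "IP SLA 10 through IPsec tunnel to 192.0.2.10 failed"
 action 2.0 cli command "enable"
 action 3.0 cli command "show crypto ipsec sa peer 203.0.113.1 | append flash:ipsec-sa.log"
!
event manager applet IPSEC-PROBE-UP
 event track 10 state up
 action 1.0 syslog priority notifications msg "IP SLA 10 through IPsec tunnel to 192.0.2.10 recovered"
```

`show ip sla statistics 10` and `show track 10` confirm the probe state; a probe failure alone does not say whether the fault is in the tunnel or at the remote host, which is why the applet saves the SA counters.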