FMC VPN Status Health Event keeps repeating

rcullum
Level 1

Our FMC keeps throwing in the same VPN status event "VPN tunnell between FWA/peerip/subnetX and FWB/peerip/subnetY is inactive due to to Deleted backup session"

Firstly, any idea what a backup session refers to? If it's a VPN SA, well, I've checked the firewalls and the VPN SA for these subnets is OK on each side. Traffic is being encrypted/decrypted, SPIs match. I have no inactive SAs on the FTDs. So why does FMC keep reporting this?

Secondly, since it's the same message every 2-3 mins, including the subnets in question, shouldn't the Health Events Value column count increment instead of generating a new message?

8 Replies

smylieguy
Level 1

I'm seeing the same issue and would like to know if this was ever fixed.

 

adammckay1
Level 1

We're seeing this as well, but for VPN configurations that overlap with another's extranet protected networks (as a backup session). The errors point to it being a critical issue, but the other session is up and traffic is flowing as expected.

These VPN sessions are to AWS and Azure.

I believe this only appeared for us after upgrading from 6.4.0.5 to 6.6.1 for the FMC 1000. Any ideas? It's just adding to the list of alerts we're getting that are of no significance to us.

If anyone has discovered what could be the reason, please share. I have policy-based routing and have routed all the traffic from one site to the HQ. After that change the message keeps rolling in. Everything seems to be working, as the tunnel is up and I can ping bidirectionally, and all the routes to the internet are going through the tunnel.

Thanks in advance.

PS: version 6.7

Did anyone ever get an answer to this string? I have been getting the same for quite a while and everything seems to be working. Just want to know if I have something misconfigured that would cause this. Thank you.

NetSecNW
Level 1

I also would be interested in a resolution to this. I'm having the same issue: VPN is all working but I have a critical health alert.

ammodevgun
Level 1

I am having the same issue; however, it is reporting VPN tunnels being down with the alert originating from the standby FTD. The VPN tunnel is connected and working on the active FTD.

kiranraj
Level 1

Did anyone find a resolution for this issue? We are receiving the same error. Please let me know if anyone found anything. 
