Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
543
Views
0
Helpful
1
Replies

Site to site tunnels suddenly goes one-way

pbuch
Level 1
Level 1

‎05-16-2011 07:03 AM

I have a setup with a pair off ASA5510 on the central site, and approx 20 sites with ASA5505.

A couple off network are configured as site to site tunnels to every remote site.

Its very stable, but the last year or so ocassionally one of the tunnels go one-way.

Just like one of the nat exeptions suddenly stops working.

I can see the remote side transmitting packets, but no answer.

Central site is running 8.22, want to upgrade but have to mount more RAM.

The only cure i have found is to reboot the central pair off ASA5510, not very popular as all 20 tunnels goes down.

Any solutions ?

/Per

Labels:
0 Helpful
1 Reply 1

Herbert Baerten
Cisco Employee
Cisco Employee

‎05-20-2011 12:35 AM

Hi Per,

I can't say for sure but from your description it  sounds a lot like this bug :

CSCtd36473    IPsec: Outbound context may be deleted prematurely

Upgrade to 8.2.4 (or 8.2.5 when it comes out, should be fairly soon) and you should be fine. I assume your remark about the RAM is because you were considering upgrading to 8.3 or 8.4? For 8.2.4/8.2.5 you should not need more RAM.

hth

Herbert

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents