VPN traffic interruption on ASA5540 Running 8.3 code
Intermittently, L2L VPNs traversing a particular interface on my ASA 5540 get torn down and are not able to complete phase 1. These tunnels run for weeks with the exact config in the ASA, and then randomly stop passing traffic. Importantly, this affects only VPN related traffic. Additionally, we run SSL VPN through the same interface on the ASA and that stops allowing incoming connections as well. I also have L2L VPN tunnels built up to other interfaces on the ASA and they are not affected.
My ASAs are running in active/standby and I can force a failover to whatever unit is acting as the standby, and the issue is immediately cleared with no other intervention. Recently, this issue presented and I noticed that my dynamic ARP table had multiple erroneous interfaces bound to the MAC address of the interface that has issues with VPN traffic. Instead of performing a failover event, I cleared the dynamic arp entries and the issue was immediately resolved. I can only assume that the HA failover process also forces an arp cache clear, which explains why that resolved the issue previously.
I have had the same hardware running the same code for quite some time and this issue only recently cropped up. There were no config changes made to the ASA for some time prior to the first manifestation of the issue.
I have debug logging enabled and am send this info to a syslog server. I captured output from some of these events but haven’t been able to make heads or tails of it.
ProblemTaking a snapshot of ISE virtual machines is not supported but it still happens occasionally due to administrators taking a snapshot manually or an integrated technology that automatically takes snapshots to back up VMs. When taking a snapsho...
Hi all, Is it available on Stealthwatch 7 Client or web interface the ability to import the Netflow Exporters names? I found only the possibility to configure manually the name of each Netflow Exporter, but not a bulk configuration.
User Experience Enhancements
As part of Cisco Customer Experience program, we are working towards a more uniform user experience and terminology harmonization. This program runs across all Cisco security products.
We are ali...
Join us on Thursday, October 10 at 10 am PT to meet the CEO and Founder of Cisco's most recent security investment.
In today’s cybersecurity arms race, how does Cisco stay one step ahead in the battle against attackers? One key strategy is keeping tabs on...