ASA 5506 - VPN summary is increasing the ipsec tunnels

Scott12 · ‎06-25-2020

Hello there!

Our ASA 6606-X in the office has been increasing the ipsec tunnels since two days, however we only have configured 5 site-to-site VPNs. I don't understand why ipsec is growing, due this we had to restart the firewall.

I really appreciate your kind support.

Regards

Rob Ingram · ‎06-25-2020

Hi,

The ASA 5506 can’t even support that many tunnels, probably a bug. If you run the command “show vpn-sessiondb summary” from the cli and compare the number of tunnels. If different from ASDM then probably a bug in ASDM, so upgrade.

HTH

Karsten Iwen · ‎06-26-2020

If I remember right, these are the amount of IPsec SAs and not configured "VPN-connections". And based on the VPN-configuration, especially on the remote side, it can be that you have that amount of SA.

The already mentioned "show vpn-sessiondb" command will tell you that.

Scott12 · ‎06-26-2020

Hello guys,

This is the result of the command,

Result of the command: "show vpn-sessiondb summary"

---------------------------------------------------------------------------
VPN Session Summary
---------------------------------------------------------------------------
Active : Cumulative : Peak Concur : Inactive
----------------------------------------------
Site-to-Site VPN : 3 : 1152 : 5
IKEv1 IPsec : 3 : 1152 : 5
---------------------------------------------------------------------------
Total Active and Inactive : 3 Total Cumulative : 1152
Device Total VPN Capacity : 50
Device Load : 6%
---------------------------------------------------------------------------

What do you think?

Regards