06-25-2020 09:24 PM
Hello there!
Our ASA 6606-X in the office has been increasing the ipsec tunnels since two days, however we only have configured 5 site-to-site VPNs. I don't understand why ipsec is growing, due this we had to restart the firewall.
I really appreciate your kind support.
Regards
06-25-2020 10:42 PM - edited 06-26-2020 12:09 AM
Hi,
The ASA 5506 can’t even support that many tunnels, probably a bug. If you run the command “show vpn-sessiondb summary” from the cli and compare the number of tunnels. If different from ASDM then probably a bug in ASDM, so upgrade.
HTH
06-26-2020 12:22 AM
If I remember right, these are the amount of IPsec SAs and not configured "VPN-connections". And based on the VPN-configuration, especially on the remote side, it can be that you have that amount of SA.
The already mentioned "show vpn-sessiondb" command will tell you that.
06-26-2020 01:40 PM
Hello guys,
This is the result of the command,
Result of the command: "show vpn-sessiondb summary"
---------------------------------------------------------------------------
VPN Session Summary
---------------------------------------------------------------------------
Active : Cumulative : Peak Concur : Inactive
----------------------------------------------
Site-to-Site VPN : 3 : 1152 : 5
IKEv1 IPsec : 3 : 1152 : 5
---------------------------------------------------------------------------
Total Active and Inactive : 3 Total Cumulative : 1152
Device Total VPN Capacity : 50
Device Load : 6%
---------------------------------------------------------------------------
What do you think?
Regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: