We have 2 sites connected via ASA Site-to-Site IKEv2 VPN connections. One site will lose power and after power is restored the tunnel will not pass traffic until that sites ASA is completely rebooted. The ASA itself does not loser power or shut off ,its just the ISP modem that loses power so the internet goes down. Once the power returns and ISP modem is powered back on the tunnel will not pass traffic until I reboot the ASA at the offending site. Is there any setting we can change on the ASA that will allow the runnel to continue passing traffic even though the internet goes out? The ASA in question is running ASA version 9.6.1.
I recreated the scenario and the offending ASA has following errors:
IKEv2 was unsuccessful at setting up a tunnel
Tunnel manager has failed to establish an L2L SA. All configured IKE versions failed to establish the tunnel
So I am assuming you are correct. So just configured the DPD on each group and it will automatically clear when this happens? No other config is needed? Also what is the recommenced DPD time?