Hi guys Ive been noticing that my DMVPN setup has been having intermittent issues with sites that are in transport mode.Every now and then I would have a site go down and would have to clear the isakmp sa session for it to come back up again. I have isakmp periodic keepalives configured and when I show my ISAKMP sa it shows multiple duplicate security associations. Can someone help?
My hub router is a ISR 4431 running version Version 15.5(3)S4b.
my spokes are ISR 2921 running version Version 15.5(3)M7
Below is the output of the show crypto isakmp sa with the duplicate sessions:
192.168.100.2 200.32.X.X QM_IDLE 1012 ACTIVE
192.168.100.2 200.32.X.X QM_IDLE 1010 ACTIVE
200.32.X.X 192.168.100.2 QM_IDLE 1013 ACTIVE
200.32.X.X 192.168.100.2 QM_IDLE 1011 ACTIVE
Ive noticed that my sites that are not using port forwarding aren't having this issue.