DMVPN tunnel goes down and would have to clear isakmp sa for it to come back up.
Hi guys Ive been noticing that my DMVPN setup has been having intermittent issues with sites that are in transport mode.Every now and then I would have a site go down and would have to clear the isakmp sa session for it to come back up again. I have isakmp periodic keepalives configured and when I show my ISAKMP sa it shows multiple duplicate security associations. Can someone help?
My hub router is a ISR 4431 running version Version 15.5(3)S4b.
my spokes are ISR 2921 running version Version 15.5(3)M7
Below is the output of the show crypto isakmp sa with the duplicate sessions:
192.168.100.2 200.32.X.X QM_IDLE 1012 ACTIVE 192.168.100.2 200.32.X.X QM_IDLE 1010 ACTIVE 200.32.X.X 192.168.100.2 QM_IDLE 1013 ACTIVE 200.32.X.X 192.168.100.2 QM_IDLE 1011 ACTIVE
Ive noticed that my sites that are not using port forwarding aren't having this issue.
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the SecureX regio...
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
GeneralWhich Cisco Secure products include access to SecureX?What are the SecureX data retention/privacy policies?What is SSE?How can I unlink my smart account from SSE and link it to a new account?Do I have to use the same SSE region as the Secur...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...