Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
750
Views
0
Helpful
2
Replies

IPsec SA Freezing after a couple of weeks

oluwafemi.famuyiwa
Level 1
Level 1

‎02-07-2017 06:39 AM - edited ‎02-21-2020 09:09 PM

Hi Friends, 

I have a site-2-site IPsec tunnel (using IKev2 and FlexVPN) between a remote site and a Hub. Everything is working fine including the IKEv2 routing used for the route exchanges. However, after a couple of weeks, the tunnel stops working even the crypto sa for the phase 1 remains up and nothing out of norm from the logs. The only way I have been resolving the issue is by reloading the remote router (clearing the crypto sa alone wouldn't work). It's a bit weird and I have involved a Cisco TAC but nothing positive from them yet as to what is causing this intermittent freeze. To be honest, I'm thinking it's a bug but may be wrong. 

Has anyone encountered similar problem before? If yes, how did you resolve the issue please.  Any help or suggestions will be appreciated.

Remote site use 881 router with c800-universalk9-mz.SPA.155-3.M.bin

Hub site use 3925 router with c3900-universalk9-mz.SPA.154-3.M3.bin

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

‎02-07-2017 01:11 PM

I had a similar problem shortly (after running without any problem for a longer time). Upgrading to 15.5(3)M5 solved that problem. In situations like these, upgrading to the latest release is often the first and easiest troubleshooting step.

0 Helpful

oluwafemi.famuyiwa
Level 1
Level 1
In response to Karsten Iwen

‎02-08-2017 04:06 AM

Thanks Karsten for your reply.

I was actually thinking of upgrading to 155-3.M4a if it resolves the issue. I will keep you updated if the issue doesn't re-occur following the upgrade. Thanks.

0 Helpful
Customers Also Viewed These Support Documents