Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
3322
Views
0
Helpful
1
Replies

IPSec Site-to-Site is flapping

Yuliya S
Level 1
Level 1

ā€Ž11-17-2015 03:42 AM - edited ā€Ž02-21-2020 08:33 PM

hi guys.

I have one ipsec to Microsoft Azure. This ipsec tunnel is disconnecting every 8-10 minutes.

disconnect reason is Session is being torn down. Reason: User Requested.

See logs below:

ov 17 2015 12:00:57: %ASA-7-713906: IKE Receiver: Packet received on AA.BB.CC.DD:500 from <IP DELETED>:500
Nov 17 2015 12:00:57: %ASA-7-713236: IP = <IP DELETED>, IKE_DECODE RECEIVED Message (msgid=7942b0b) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 68
Nov 17 2015 12:00:57: %ASA-7-715047: Group = <IP DELETED>, IP = <IP DELETED>, processing hash payload
Nov 17 2015 12:00:57: %ASA-7-713906: Group = <IP DELETED>, IP = <IP DELETED>, processing delete
Nov 17 2015 12:00:57: %ASA-5-713050: Group = <IP DELETED>, IP = <IP DELETED>, Connection terminated for peer <IP DELETED>. Reason: Peer Terminate Remote Proxy 10.10.4.0, Local Proxy XX.YY.ZZ.AA
Nov 17 2015 12:00:57: %ASA-7-713906: Group = <IP DELETED>, IP = <IP DELETED>, Active unit receives a delete event for remote peer <IP DELETED>.

Nov 17 2015 12:00:57: %ASA-7-715009: Group = <IP DELETED>, IP = <IP DELETED>, IKE Deleting SA: Remote Proxy 10.10.4.0, Local Proxy XX.YY.ZZ.AA
Nov 17 2015 12:00:57: %ASA-7-713906: Group = <IP DELETED>, IP = <IP DELETED>, IKE SA MM:2753f6c1 rcv'd Terminate: state MM_ACTIVE flags 0x00000042, refcnt 1, tuncnt 0
Nov 17 2015 12:00:57: %ASA-7-713906: Group = <IP DELETED>, IP = <IP DELETED>, IKE SA MM:2753f6c1 terminating: flags 0x01000002, refcnt 0, tuncnt 0
Nov 17 2015 12:00:57: %ASA-7-713906: Group = <IP DELETED>, IP = <IP DELETED>, sending delete/delete with reason message
Nov 17 2015 12:00:57: %ASA-6-602304: IPSEC: An outbound LAN-to-LAN SA (SPI= 0x77A14934) between AA.BB.CC.DD and <IP DELETED> (user= <IP DELETED>) has been deleted.
Nov 17 2015 12:00:57: %ASA-6-602304: IPSEC: An inbound LAN-to-LAN SA (SPI= 0x57C3AA07) between <IP DELETED> and AA.BB.CC.DD (user= <IP DELETED>) has been deleted.
Nov 17 2015 12:00:57: %ASA-7-715046: Group = <IP DELETED>, IP = <IP DELETED>, constructing blank hash payload
Nov 17 2015 12:00:57: %ASA-7-715046: Group = <IP DELETED>, IP = <IP DELETED>, constructing IKE delete payload
Nov 17 2015 12:00:57: %ASA-7-715046: Group = <IP DELETED>, IP = <IP DELETED>, constructing qm hash payload
Nov 17 2015 12:00:57: %ASA-7-713236: IP = <IP DELETED>, IKE_DECODE SENDING Message (msgid=cb8fad48) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
Nov 17 2015 12:00:57: %ASA-4-106023:
Nov 17 2015 12:00:57: %ASA-7-715077: Pitcher: received key delete msg, spi 0x57c3aa07
Nov 17 2015 12:00:57: %ASA-7-715077: Pitcher: received key delete msg, spi 0x57c3aa07
Nov 17 2015 12:00:57: %ASA-5-713259: Group = <IP DELETED>, IP = <IP DELETED>, Session is being torn down. Reason: User Requested
Nov 17 2015 12:00:57: %ASA-4-113019: Group = <IP DELETED>, Username = <IP DELETED>, IP = <IP DELETED>, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:08m:25s, Bytes xmt: 6383887, Bytes rcv: 40596, Reason: User Requested
Nov 17 2015 12:00:57: %ASA-7-713906: Ignoring msg to mark SA with dsID 116416512 dead because SA deleted

Do you have any ideas regarding this issue?

Labels:
0 Helpful
1 Reply 1

rvarelac
Level 7
Level 7

ā€Ž11-19-2015 04:35 PM

Hi Yulila,  

Based on the debugs, seems the reset is comming from the Azure side.

%ASA-7-713906: Group = <IP DELETED>, IP = <IP DELETED>, Active unit receives a delete event for remote peer <IP DELETED>. 

In this case the torubleshooting needs to focus on that device in order to determine the cause of this behavihor.

Hope it helps

-Randy-

0 Helpful
Customers Also Viewed These Support Documents