02-02-2020 10:43 PM - edited 02-21-2020 09:51 PM
Hi,
I would like to know why my IPSec tunnel is up/down state on every day .When i use sh ip int bri command
tunnel status is always up.But i when i use "show logging " , show as below messages.Let me know it is normal ? it will effect to performance ?
Log Buffer (4096 bytes):
81: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
000540: Jan 28 18:18:11.193: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
000541: Jan 29 03:50:07.001: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
000542: Jan 29 03:50:07.162: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
000543: Jan 29 08:58:24.006: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
000544: Jan 29 08:58:24.181: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
000545: Jan 29 12:26:00.013: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
000546: Jan 29 12:26:00.173: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
000547: Jan 29 16:42:05.014: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
000548: Jan 29 16:42:05.028: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=xxx.xxx.xxx.xxx.182, prot=50, spi=0xCACEE2BF(3402556095), srcaddr=xxx.xxx.xxx.xxx, input interface=Tunnel0
000549: Jan 29 16:42:05.193: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
000550: Jan 29 19:22:55.013: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
000551: Jan 29 19:22:57.534: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
000552: Jan 31 08:50:24.045: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down
000553: Jan 31 08:50:24.056: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=xxx.xxx.xxx.xxx, prot=50, spi=0x58EF3CFF(1492073727), srcaddr=xxx.xxx.xxx.xxx, input interface=Tunnel0
000554: Jan 31 08:50:24.306: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to up
02-03-2020 12:11 AM
02-03-2020 12:48 AM
Hi,
if i run debugg ,it will effect existing operation ?
or it will run background ?
02-03-2020 01:08 AM
02-03-2020 02:30 PM
If you have multiple VPN tunnels, use the debug crypto condition peer <peer IP> command to limit the amount of output it will generate.
02-11-2020 05:34 PM
Hi,
I applied all debug but i didn't see any log.Only i see tunnel up down state.
I noticed as below.
Our branch staff go back home after office hour ,all computers are shutdown except router and switch.Next day they start computer cannot communicate to DC server.That time,tunnel is up down state.After DC server ping to their site,tunnel is up state and they can connect to DC server.it is related with initiator and responder ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide