Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
711
Views
5
Helpful
4
Replies

L2L site vpn tunnels are going down randomly

Carthique_7
Level 1
Level 1

‎06-18-2021 11:59 AM

We have Cisco Asa5516-x at the data center that makes site to site vpn tunnels with remote offices, recently we are observing some of the site VPN tunnels and any connect clients are getting disconnect 

 

1- we have 8 site to site vpn tunnels with remote sites and 120 vpn users 

2- from data center , we have single ISP(isp says everything good from their end)

3- all sites have different isps 

 

please help me with troubleshooting steps 

Labels:
0 Helpful
4 Replies 4

marce1000
VIP
VIP

‎06-18-2021 10:53 PM

 

          - Check logs on the ASA when that happens.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Carthique_7
Level 1
Level 1
In response to marce1000

‎06-19-2021 01:12 PM

It doesn’t show any logs, all the logs are getting icmp blocks alone

Thanks
Karthik
0 Helpful

MHM Cisco World
VIP
VIP

‎06-20-2021 11:04 AM

check lifetime and use keep alive isakmp. 

0 Helpful

Carthique_7
Level 1
Level 1
In response to MHM Cisco World

‎06-24-2021 09:07 AM

Checked the life time and keep Alives are configured for 10secs and retry in 2secs.

 

I found there is a mismatch in access list in ASA to  access list in 2811, but that shouldn’t impact all the tunnels 

Customers Also Viewed These Support Documents