Hi Experts,

We have given site to site VPN connectivity to our client . They are reporting that they are not able to access out network due to VPN down.

As I checked on my router it's showing up for Port 4500 & down for 500.

Below find the output

#sh crypto session remote  152.69.248.225     

Crypto session current status

Interface: GigabitEthernet0/0/2

Session status: UP-ACTIVE    

Peer: 152.69.248.225 port 4500

  IKE SA: local 3.148.197.4/4500 remote 152.69.248.225/4500 Active

  IPSEC FLOW: permit ip 3.148.197.0/255.255.255.0 host 170.69.246.2

        Active SAs: 2, origin: crypto map

Interface: GigabitEthernet0/0/2

Session status: DOWN

Peer: 152.69.248.225 port 500

  IPSEC FLOW: permit ip 3.110.96.0/255.255.255.0 host 152.69.246.2

        Active SAs: 0, origin: crypto map

  IPSEC FLOW: permit ip 3.110.97.0/255.255.255.0 host 152.69.246.2

        Active SAs: 0, origin: crypto map

#sh crypto session remote  152.69.248.225  brief

Status: A- Active, U - Up, D - Down, I - Idle, S - Standby, N - Negotiating

        K - No IKE

ivrf = (none)

           Peer     I/F        Username          Group/Phase1_id   Uptime Status

152.69.248.225 Gi0/0/2                            10.130.132.34 01:14:49    UA

Can anyone help me to understand the output.

Security purpose I have changed Ip addresses, so do't confused with ip's.

Also pl's suggest any document which will clear my VPN concept's

Thanks in advance

Surya