I have problem with the IPSec VPN from Juniper SSG320 going through the ISP router (2801). It seems to be unstable. Within a day, there could be a down in the VPN for about 15mins. During that time, my ping test and traceroute from the router shows that I can get to my ISP, but not from the Juniper, the tests stopped at the router internal interface.Juniper tech has confirm that the device is working fine.
How can I get some statistics or logs that can show that the router is working and VPN traffic is going through ?
Thanks a lot in advance.
Can you clarify that you do not manage the Juniper? You only manage the 2801 router?
See below a useful troublsehooting guide for IPSEC VPN
The command show crypto ipsec sa will show you amongst other things the traffic that is being encrypted / decrypted by the router
When the tunnel fails the commands debug crypto isakmp & debug crypto ipsec will help to illustrate what is causing the problem.
Please remember to rate all posts that are helpful.
I do manage both the Juniper and the 2801 router.
The Command that you provide was not able to be executed as the router do not have it.
The IOS version of the router 12.4(1A).
Is there another way to do it ?