cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1028
Views
0
Helpful
2
Replies
Beginner

Unstable VPN through Cisco 2801 Router

Hi,

I have problem with the IPSec VPN from Juniper SSG320 going through the ISP router (2801). It seems to be unstable. Within a day, there could be a down in the VPN for about 15mins. During that time, my ping test and traceroute from the router shows that I can get to my ISP, but not from the Juniper, the tests stopped at the router internal interface.Juniper tech has confirm that the device is working fine.

How can I get some statistics or logs that can show that the router is working and VPN traffic is going through ?

Thanks a lot in advance.

Everyone's tags (4)
2 REPLIES 2
Highlighted
Rising star

Re: Unstable VPN through Cisco 2801 Router

Hi,

Can you clarify that you do not manage the Juniper? You only manage the 2801 router?

See below a useful troublsehooting guide for IPSEC VPN

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml

The command show crypto ipsec sa will show you amongst other things the traffic that is being encrypted / decrypted by the router

When the tunnel fails the commands debug crypto isakmp & debug crypto ipsec will help to illustrate what is causing the problem.

Please remember to rate all posts that are helpful.


Highlighted
Beginner

Re: Unstable VPN through Cisco 2801 Router

Hi Sean,

I do manage both the Juniper and the 2801 router.
The Command that you provide was not able to be executed as the router do not have it.
The IOS version of the router 12.4(1A).
Is there another way to do it ?

Thanks.