01-13-2011 11:45 PM
Hi,
I have problem with the IPSec VPN from Juniper SSG320 going through the ISP router (2801). It seems to be unstable. Within a day, there could be a down in the VPN for about 15mins. During that time, my ping test and traceroute from the router shows that I can get to my ISP, but not from the Juniper, the tests stopped at the router internal interface.Juniper tech has confirm that the device is working fine.
How can I get some statistics or logs that can show that the router is working and VPN traffic is going through ?
Thanks a lot in advance.
01-14-2011 04:42 AM
Hi,
Can you clarify that you do not manage the Juniper? You only manage the 2801 router?
See below a useful troublsehooting guide for IPSEC VPN
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml
The command show crypto ipsec sa will show you amongst other things the traffic that is being encrypted / decrypted by the router
When the tunnel fails the commands debug crypto isakmp & debug crypto ipsec will help to illustrate what is causing the problem.
Please remember to rate all posts that are helpful.
01-16-2011 09:48 PM
Hi Sean,
I do manage both the Juniper and the 2801 router.
The Command that you provide was not able to be executed as the router do not have it.
The IOS version of the router 12.4(1A).
Is there another way to do it ?
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide