VPN resets every 30 seconds

jeferson.simas · ‎04-30-2021

1. VPN resets every 30 seconds

2. VPN Packets are encrypting but not decrypting.

====

remote ident (addr/mask/prot/port): (170.150.0.202/255.255.255.255/47/0)
current_peer 170.150.0.200 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 3, #pkts encrypt: 3, #pkts digest: 3
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0

====

Crypto session current status

Code: C - IKE Configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal, T - cTCP encapsulation
X - IKE Extended Authentication, F - IKE Fragmentation
R - IKE Auto Reconnect

Interface: Virtual-Access112
Profile: IKEV2-PROFILE-OSM1
Uptime: 00:00:20
Session status: UP-ACTIVE

=====

Does anyone have some ideas for the cause?

Thank you in advance.

balaji.bandi · ‎04-30-2021

With information provided its very difficult say what causing the issue.

we need below information :

1. what is this device ?

2. is this site to site vpn ?

3. what is the other side device.

4. Provide both the side config ? or verify yourself is this correct ?

5. Do you have stability of connection ?

enable debug to see why this is causing the issue both ends ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

FrejusMA · ‎08-17-2023

Has this been solved????

tvotna · ‎08-18-2023

Typically such issues are caused by some misconfiguration or this can be an interoperability issue, not necessarily a bug. The problem with IKEv2 protocol design is that IKEv2 SA can be UP on one side, but DOWN on the other. E.g. last time I saw this when Android native IKEv2 client tried to connect to ASA. Check both sides of the tunnel.