Solved: Re: ASA 5525 event manager - Page 2

sergei-bilan · ‎12-19-2023

Hi team, maybe who help me)

I have ASA 5525. I want to write in the event manager if the ping is not successful (Success rate is 0 percent), then you need to execute clear crypto ikev2 sa "x.x.x.x" Check available IP once every 3-5 minutes. Maybe someone will share the script. Thank you.

MHM Cisco World · ‎12-19-2023

Deny IP spoof from <- this meaning ip spoof is drop icmp not tunnel is down.

Check this point

MHM

sergei-bilan · ‎12-19-2023

This is not from the fall of the tunnel, but from sticking, and you can check this only by pinging the other side of the tunnel, but this script does not do it either, because it cleans every 60 seconds and does not look at the ID. Perhaps the ID ASA-2-106016 should be specified?

MHM Cisco World · ‎12-19-2023

What I share before is from Cisco Doc.

Check it.

MHM

MHM Cisco World · ‎12-19-2023

This eem check

Sla monitor LAN to LAN

MHM

sergei-bilan · ‎12-19-2023

I solved this issue with two event tasks. 1 Ping`s IP and generate ID. 2 Sees this ID restarts the tunnel

MHM Cisco World · ‎12-19-2023

Glad issue is solved

Happy ending

But why two you can use frequent to config time between each sla monitor and use one EEM to detect ID of track.

Anyway it solved in end

Have a nice day

MHM