05-11-2018 03:24 AM - edited 02-21-2020 07:45 AM
Our FMC keeps throwing in the same VPN status event "VPN tunnel between FWA/peerip/subnetX and FWB/peerip/subnetY is inactive due to Deleted backup session"
Firstly, any idea what a backup session refers to? If it's a VPN SA, well, I've checked the firewalls and the VPN SA for these subnets is OK on each side. Traffic is being encrypted/decrypted, SPIs match. I have no inactive SAs on the FTDs. So why does FMC keep reporting this?
Secondly, since it's the same message every 2-3 mins including the subnets in question, shouldn't the Health Events Value column count increment instead rather than generating a new message?
12-12-2024 10:02 AM - edited 12-13-2024 05:56 AM
Hi,
I am currently using FTDs 1120 running code 7.2.7; tonight I will upgrade to 7.2.9. That error message has been continuous for some time, but the VPN is working fine.
I will let you know what happens after upgrade.
12-13-2024 06:01 AM
I upgraded the devices yesterday, also the FMC to 7.2.9
The error message persists.
I cleared the tunnel in both phases.
I checked the queries in the FMC expert mode and deleted the critical alert, but less than a minute later it reappeared.
OmniQuery.pl -db mdb -e "select status,category,hex(uuid) from notification where status=12;"
************ Applying dynamic update files ************
Dynamic update files directory: /usr/local/sf/etc/dynamic_db_updates
Applying file remove_ref_check_rna_ip_os_map.yaml.
Status: Success.
Applying file rule-comments.yaml.
Status: Success.
************ Applying dynamic update files finished ************
+--------+------------------------------------------------------+----------------------------------+
| status | category | hex(uuid) |
+--------+------------------------------------------------------+----------------------------------+
| 12 | health:category.5bbe3968-1334-4a0b-9e01-b91833537890 | 8EA78010B64D31D089D9E3B9D1878D80 |
+--------+------------------------------------------------------+----------------------------------+
1 row in set (0.000339 seconds)
OmniQuery.pl -db mdb -e 'delete from notification where uuid=unhex("8EA78010B64D31D089D9E3B9D1878D80");'
The VPN is working fine but the message is still there.
Also a failover was already executed.
01-24-2025 02:27 AM
Same issue here. Very annoying. The IPsec tunnel works fine, but keeps sending these messages (4110's running FTD v7.2.8).
VPN Tunnel between XXX/outside/X.X.X.X/X.X.X.X and Extranet Device/X.X.X.X/X.X.X.X is inactive due to Deleted backup session.
01-24-2025 02:30 AM - edited 01-24-2025 02:33 AM
Topic has over 5000 views and 24 people reported they got the same issue.
Did anyone solve this? Involving TAC for this will take weeks or even months.