Solved

cisco SDM - VPN probs?

Posted on 2009-03-30
3
448 Views
Last Modified: 2012-06-27
Hi,
We are using Cisco 87x series routers and get a lot of problems looking at SDM and the VPN status - sometimes they are down and the GUI shows them as up, other times it is the opposite.
Is this a know bug in SDM is there a way around this?
0
Comment
Question by:nmxsupport
  • 2
3 Comments
 
LVL 3

Expert Comment

by:FWeston
ID: 24020333
If you're talking about VPN tunnels, SDM is likely reporting the SA status.  The SA may still show as established although the tunnel isn't passing traffic.  There are a number of reasons this could occur, but unfortunately there isn't a lot you can do about SDM showing the wrong status, because as long as the SA is still reporting as established, SDM will show those tunnels as up.

You can check the SA status using:

show crypto ipsec sa

You can reset established SAs using:

clear crypto sa

Once the SA has been reset, it should reestablish automatically as soon as it sees interesting traffic (I.E. traffic destined for the remote network.)
0
 

Author Comment

by:nmxsupport
ID: 24314072
hmm the tunnel shows as down within SDM even though it is active working and continual ping going through it!
0
 

Accepted Solution

by:
nmxsupport earned 0 total points
ID: 24572671
we have upgraded the firmware on all cisco routers
Thanks
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now