Bubbalouie
Technical User
Hi,
I have a cisco 2900 series router that has 9 site-to-site vpn's terminating on it. The end points are a mixture of cisco and netgear routers.
Today I come to work and I get a call from one of our remote sites who say 'the server is down' which in the real world means that their vpn isn't working.
I jump on our core router (Cisco 2900 series router) and issue a 'show crypto isakmp sa' command to look for the tunnel. Not only is the tunnel up and running there are two of them!
xxx.xxx.xx.90 xx.xxx.xx.22 QM_IDLE 1180 ACTIVE
xxx.xxx.xx.90 xx.xxx.xx.22 QM_IDLE 1172 ACTIVE
I actually checked earlier today and there were 5 active conn-id's for the same ip address. I've never seen this before.
I cleared the multiple connections with no luck. I then had them reboot their router (netgear fvs318) but i'm still getting multiple entries for that remote ip address.
What is going on here? How can I resolve this?
Thanks In Advance!
I have a cisco 2900 series router that has 9 site-to-site vpn's terminating on it. The end points are a mixture of cisco and netgear routers.
Today I come to work and I get a call from one of our remote sites who say 'the server is down' which in the real world means that their vpn isn't working.
I jump on our core router (Cisco 2900 series router) and issue a 'show crypto isakmp sa' command to look for the tunnel. Not only is the tunnel up and running there are two of them!
xxx.xxx.xx.90 xx.xxx.xx.22 QM_IDLE 1180 ACTIVE
xxx.xxx.xx.90 xx.xxx.xx.22 QM_IDLE 1172 ACTIVE
I actually checked earlier today and there were 5 active conn-id's for the same ip address. I've never seen this before.
I cleared the multiple connections with no luck. I then had them reboot their router (netgear fvs318) but i'm still getting multiple entries for that remote ip address.
What is going on here? How can I resolve this?
Thanks In Advance!