Restarting VPN Tunnels on Cisco

In some rare cases, VPN tunnels hang at random and need to be bounced (restarted) so that the tunnel renegotiates. In some cases this is the easiest fix for VPN-down issues.

Check Phase 1 Status of the Tunnel:

show crypto isakmp sa

A normal (up) tunnel should show the state QM_IDLE.

Restarting VPN Tunnel

If you have multiple VPN tunnels, identify the peer IP of the tunnel you wish to restart.

Usually, you can associate the ACL or IPSEC Policy that calls the peer IP and the

EXAMPLE:

crypto map CUSTOMER-VPN 24 ipsec-isakmp
 description Customer24
 set peer 122.122.122.122
 set transform-set TR-3DES-SHA 256
 match address VPN-Customer24

Restart the Tunnel:

clear crypto sa peer 122.122.122.122 (Clear all SAs for given crypto peer)

or

clear crypto session remote 122.122.122.122 (Clear crypto sessions for a remote IKE peer)
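
When a router carries many tunnels, the status check and the peer lookup can be done over saved CLI output. The Python below is an added example, not part of the original post: it reads crypto map configuration and "show crypto isakmp sa" output, finds configured peers whose Phase 1 state is not QM_IDLE, and reports the matching crypto map entry, ACL and clear command. The sample text, the second peer and the local address 192.0.2.1 are constructed, and the function names are hypothetical.

```python
# Constructed sample: crypto map entries in the style of the example above.
SAMPLE_CONFIG = """\
crypto map CUSTOMER-VPN 24 ipsec-isakmp
 description Customer24
 set peer 122.122.122.122
 match address VPN-Customer24
crypto map CUSTOMER-VPN 25 ipsec-isakmp
 description Customer25
 set peer 198.51.100.7
 match address VPN-Customer25
"""

# Constructed sample of "show crypto isakmp sa" output (local address 192.0.2.1).
SAMPLE_ISAKMP = """\
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status
192.0.2.1       122.122.122.122 MM_NO_STATE          0 ACTIVE (deleted)
198.51.100.7    192.0.2.1       QM_IDLE           1002 ACTIVE
"""

def parse_crypto_maps(config):
    """Map each 'set peer' IP to its crypto map name, sequence, description and ACL."""
    peers, entry = {}, None
    for line in config.splitlines():
        w = line.split()
        if w[:2] == ["crypto", "map"] and len(w) > 3 and w[3].isdigit():
            entry = {"map": w[2], "seq": int(w[3]), "description": "", "acl": ""}
        elif entry is None:
            continue
        elif w[:1] == ["description"]:
            entry["description"] = " ".join(w[1:])
        elif w[:2] == ["match", "address"] and len(w) > 2:
            entry["acl"] = w[2]
        elif w[:2] == ["set", "peer"] and len(w) > 2:
            peers[w[2]] = entry  # same dict, so later lines of the entry still apply
    return peers

def stuck_tunnels(isakmp_output, peers):
    """List configured peers that have a Phase 1 SA in any state other than QM_IDLE."""
    stuck = []
    for line in isakmp_output.splitlines():
        f = line.split()
        # The peer may appear as dst or src depending on which side initiated.
        peer = next((ip for ip in f[:2] if ip in peers), None)
        if peer and len(f) > 2 and f[2] != "QM_IDLE":
            stuck.append({"peer": peer, "state": f[2], **peers[peer],
                          "command": f"clear crypto session remote {peer}"})
    return stuck

if __name__ == "__main__":
    for t in stuck_tunnels(SAMPLE_ISAKMP, parse_crypto_maps(SAMPLE_CONFIG)):
        print(t["description"], t["acl"], t["state"], "->", t["command"])
```

The script only prints the command for an operator to review; it does not connect to the device.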
