anyone, check my below raise issue? On Thu, Jun 28, 2018 at 3:54 PM, sameer mughal <[email protected]> wrote:
> remote site logs are also shared below: > > Jun 28 17:23:20 rpd[1398]: EVENT <UpDown> st0.0 index 79 <Broadcast > PointToPoint Multicast> > Jun 28 17:23:20 kmd[1403]: KMD_VPN_DOWN_ALARM_USER: VPN VPN-SOORTY from > 123.123.123.123 is down. Local-ip: 50.50.50.50, gateway name: gw-soortybd, > vpn name: VPN-SOORTY, tunnel-id: 131073, local tunnel-if: st0.0, remote > tunnel-ip: 10.115.10.2, Local IKE-ID: 50.50.50.50, Remote IKE-ID: > 123.123.123.123, XAUTH username: Not-Applicable, VR id: 0 > Jun 28 17:23:20 rpd[1398]: EVENT UpDown st0.0 index 79 <Broadcast > PointToPoint Multicast Localup> > Jun 28 17:23:20 rpd[1398]: EVENT UpDown st0.0 index 79 10.115.10.1 -> > 10.115.10.1 <Broadcast PointToPoint Multicast Localup> > Jun 28 17:23:20 IFP trace> ifp_ifl_anydown_change_event: IFL anydown > change event: "st0.0" > Jun 28 17:23:20 IFP trace> ifp_ifl_chg: IFL chg: "st0.0 ifl_id 79" > Jun 28 17:23:20 IFP trace> ifp_create_tunnel_session: duplicate tunnel > session add(st0). skip tunnel session creation > Jun 28 17:23:20 mib2d[1426]: SNMP_TRAP_LINK_DOWN: ifIndex 584, > ifAdminStatus up(1), ifOperStatus down(2), ifName st0.0 > Jun 28 17:23:35 rpd[1398]: EVENT <UpDown> st0.0 index 79 <Up Broadcast > PointToPoint Multicast> > Jun 28 17:23:35 kmd[1403]: KMD_PM_SA_ESTABLISHED: Local gateway: > 50.50.50.50, Remote gateway: 123.123.123.123, Local ID: > ipv4_subnet(any:0,[0..7]=0.0.0.0/0), Remote ID: ipv4_subnet(any:0,[0..7]= > 0.0.0.0/0), Direction: inbound, SPI: 0x9e4d39d0, AUX-SPI: 0, Mode: > Tunnel, Type: dynamic > Jun 28 17:23:35 rpd[1398]: EVENT UpDown st0.0 index 79 <Up Broadcast > PointToPoint Multicast> > Jun 28 17:23:35 kmd[1403]: KMD_PM_SA_ESTABLISHED: Local gateway: > 50.50.50.50, Remote gateway: 123.123.123.123, Local ID: > ipv4_subnet(any:0,[0..7]=0.0.0.0/0), Remote ID: ipv4_subnet(any:0,[0..7]= > 0.0.0.0/0), Direction: outbound, SPI: 0xabfd4940, AUX-SPI: 0, Mode: > Tunnel, Type: dynamic > Jun 28 17:23:35 rpd[1398]: EVENT UpDown st0.0 index 79 10.115.10.1 -> > 10.115.10.1 <Up Broadcast PointToPoint Multicast> > Jun 28 17:23:35 kmd[1403]: KMD_VPN_UP_ALARM_USER: VPN VPN-SOORTY from > 123.123.123.123 is up. Local-ip: 50.50.50.50, gateway name: gw-soortybd, > vpn name: VPN-SOORTY, tunnel-id: 131073, local tunnel-if: st0.0, remote > tunnel-ip: 10.115.10.2, Local IKE-ID: 50.50.50.50, Remote IKE-ID: > 123.123.123.123, XAUTH username: Not-Applicable, VR id: 0 > Jun 28 17:23:35 IFP trace> ifp_ifl_anydown_change_event: IFL anydown > change event: "st0.0" > Jun 28 17:23:35 IFP trace> ifp_ifl_chg: IFL chg: "st0.0 ifl_id 79" > Jun 28 17:23:35 IFP trace> ifp_create_tunnel_session: duplicate tunnel > session add(st0). skip tunnel session creation > Jun 28 17:23:35 mib2d[1426]: SNMP_TRAP_LINK_UP: ifIndex 584, > ifAdminStatus up(1), ifOperStatus up(1), ifName st0.0 > > > On Thu, Jun 28, 2018 at 3:24 PM, sameer mughal <[email protected]> > wrote: > >> Gentlemans, >> >> anyone help me on this issue? >> >> On Mon, Jun 25, 2018 at 10:37 PM, sameer mughal <[email protected]> >> wrote: >> >>> Dear Alexandre, >>> Please guide how can I fix this issue? It raise suddenly before this on >>> same configuration ipsec tunnel was working fine for more than 5 to 6 >>> months. >>> >>> On Mon, Jun 25, 2018, 8:22 PM Alexandre Guimaraes < >>> [email protected]> wrote: >>> >>>> Sameer >>>> >>>> >>>> Reason: IPSec SA delete payload received from peer, corresponding IPSec >>>> SAs cleared >>>> >>>> >>>> This is a phase 2 problem, maybe deadpeerdetection failure, VPN >>>> monitoring failure, a failure during rekey when old SA is deleted >>>> notification sent to delete old SA. Most of the cases. >>>> >>>> >>>> >>>> att >>>> Alexandre >>>> >>>> Em 25 de jun de 2018, à(s) 03:42, sameer mughal <[email protected]> >>>> escreveu: >>>> >>>> both sites on srx. >>>> following are the logs. >>>> >>>> show log junilog|match st0.15 >>>> Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast >>>> PointToPoint Multicast> >>>> Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast >>>> PointToPoint Multicast Localup> >>>> Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 >>>> -> 10.115.10.2 <Broadcast PointToPoint Multicast Localup> >>>> Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN >>>> from 103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: >>>> IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: >>>> st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote >>>> IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, >>>> Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]= >>>> 0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0 >>>> .0/0), SA Type: Static, Reason: IPSec SA delete payload received from >>>> peer, corresponding IPSec SAs cleared >>>> Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588, >>>> ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15 >>>> Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN >>>> from 103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: >>>> IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: >>>> st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote >>>> IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, >>>> Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]= >>>> 0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0 >>>> .0/0), SA Type: Static >>>> Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up >>>> Broadcast PointToPoint Multicast> >>>> Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast >>>> PointToPoint Multicast> >>>> Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 >>>> -> 10.115.10.2 <Up Broadcast PointToPoint Multicast> >>>> Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588, >>>> ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15 >>>> Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN >>>> from 103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: >>>> IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: >>>> st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote >>>> IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, >>>> Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]= >>>> 0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0 >>>> .0/0), SA Type: Static, Reason: IPSec SA delete payload received from >>>> peer, corresponding IPSec SAs cleared >>>> Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast >>>> PointToPoint Multicast> >>>> Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast >>>> PointToPoint Multicast Localup> >>>> Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 >>>> -> 10.115.10.2 <Broadcast PointToPoint Multicast Localup> >>>> Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588, >>>> ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15 >>>> Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up >>>> Broadcast PointToPoint Multicast> >>>> Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast >>>> PointToPoint Multicast> >>>> Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN >>>> from 103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: >>>> IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: >>>> st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote >>>> IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, >>>> Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]= >>>> 0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0 >>>> .0/0), SA Type: Static >>>> Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 >>>> -> 10.115.10.2 <Up Broadcast PointToPoint Multicast> >>>> Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588, >>>> ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15 >>>> >>>> {primary:node0} >>>> >>>> On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes < >>>> [email protected]> wrote: >>>> >>>>> Have you checked the errors? Do a deep Inspection and check the >>>>> packets to see what’s the behavior that’s trigger the down state. Tcpdump >>>>> Will give you hints. >>>>> >>>>> Both sides uses SRX? >>>>> >>>>> att >>>>> Alexandre >>>>> >>>>> Em 24 de jun de 2018, à(s) 07:59, sameer mughal <[email protected]> >>>>> escreveu: >>>>> >>>>> > Hi All, >>>>> > I am facing ipsec tunnel flapping issue on srx550. Both sides isp >>>>> links are >>>>> > up and stable but still tunnel is flapping. >>>>> > Can anyone facing similar problem or any solution to fix this issue? >>>>> > _______________________________________________ >>>>> > juniper-nsp mailing list [email protected] >>>>> > https://puck.nether.net/mailman/listinfo/juniper-nsp >>>>> >>>> >>>> >> > _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
