Discussion:
[j-nsp] Ipsec tunnel flapping
sameer mughal
2018-06-24 10:57:39 UTC
Permalink
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp links are
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Alexandre Guimaraes
2018-06-24 22:03:33 UTC
Permalink
Have you checked the errors? Do a deep Inspection and check the packets to see what’s the behavior that’s trigger the down state. Tcpdump Will give you hints.

Both sides uses SRX?

att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp links are
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailman
sameer mughal
2018-06-25 06:42:28 UTC
Permalink
both sites on srx.
following are the logs.

show log junilog|match st0.15
Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID:
103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector:
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0), SA Type:
Static, Reason: IPSec SA delete payload received from peer, corresponding
IPSec SAs cleared
Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID:
103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector:
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0), SA Type:
Static
Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID:
103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector:
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0), SA Type:
Static, Reason: IPSec SA delete payload received from peer, corresponding
IPSec SAs cleared
Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID:
103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector:
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0), SA Type:
Static
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15

{primary:node0}

On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes <
Post by Alexandre Guimaraes
Have you checked the errors? Do a deep Inspection and check the packets to
see what’s the behavior that’s trigger the down state. Tcpdump Will give
you hints.
Both sides uses SRX?
att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp links
are
Post by sameer mughal
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/junip
Alexandre Guimaraes
2018-06-25 15:22:05 UTC
Permalink
Sameer


Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared

This is a phase 2 problem, maybe deadpeerdetection failure, VPN monitoring failure, a failure during rekey when old SA is deleted notification sent to delete old SA. Most of the cases.



att
Alexandre

Em 25 de jun de 2018, à(s) 03:42, sameer mughal <***@gmail.com<mailto:***@gmail.com>> escreveu:

both sites on srx.
following are the logs.

show log junilog|match st0.15
Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast PointToPoint Multicast>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 -> 10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN from 103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), SA Type: Static, Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared
Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588, ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from 103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), SA Type: Static
Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 -> 10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588, ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN from 103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), SA Type: Static, Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared
Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast PointToPoint Multicast>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 -> 10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588, ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from 103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW, vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0, Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0<http://0.0.0.0/0>), SA Type: Static
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 -> 10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588, ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15

{primary:node0}

On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes <***@ascenty.com<mailto:***@ascenty.com>> wrote:
Have you checked the errors? Do a deep Inspection and check the packets to see what’s the behavior that’s trigger the down state. Tcpdump Will give you hints.

Both sides uses SRX?

att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp links are
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-
sameer mughal
2018-06-25 17:37:48 UTC
Permalink
Dear Alexandre,
Please guide how can I fix this issue? It raise suddenly before this on
same configuration ipsec tunnel was working fine for more than 5 to 6
months.

On Mon, Jun 25, 2018, 8:22 PM Alexandre Guimaraes <
Post by Alexandre Guimaraes
Sameer
Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared
This is a phase 2 problem, maybe deadpeerdetection failure, VPN
monitoring failure, a failure during rekey when old SA is deleted
notification sent to delete old SA. Most of the cases.
att
Alexandre
both sites on srx.
following are the logs.
show log junilog|match st0.15
Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
SA Type: Static, Reason: IPSec SA delete payload received from peer,
corresponding IPSec SAs cleared
Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Static
Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
SA Type: Static, Reason: IPSec SA delete payload received from peer,
corresponding IPSec SAs cleared
Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Static
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
{primary:node0}
On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes <
Post by Alexandre Guimaraes
Have you checked the errors? Do a deep Inspection and check the packets
to see what’s the behavior that’s trigger the down state. Tcpdump Will give
you hints.
Both sides uses SRX?
att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp links
are
Post by sameer mughal
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.ne
sameer mughal
2018-06-28 10:24:54 UTC
Permalink
Gentlemans,

anyone help me on this issue?
Post by sameer mughal
Dear Alexandre,
Please guide how can I fix this issue? It raise suddenly before this on
same configuration ipsec tunnel was working fine for more than 5 to 6
months.
On Mon, Jun 25, 2018, 8:22 PM Alexandre Guimaraes <
Post by Alexandre Guimaraes
Sameer
Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared
This is a phase 2 problem, maybe deadpeerdetection failure, VPN
monitoring failure, a failure during rekey when old SA is deleted
notification sent to delete old SA. Most of the cases.
att
Alexandre
both sites on srx.
following are the logs.
show log junilog|match st0.15
Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.
0.0/0), SA Type: Static, Reason: IPSec SA delete payload received from
peer, corresponding IPSec SAs cleared
Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0), SA
Type: Static
Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.
0.0/0), SA Type: Static, Reason: IPSec SA delete payload received from
peer, corresponding IPSec SAs cleared
Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0), SA
Type: Static
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
{primary:node0}
On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes <
Post by Alexandre Guimaraes
Have you checked the errors? Do a deep Inspection and check the packets
to see what’s the behavior that’s trigger the down state. Tcpdump Will give
you hints.
Both sides uses SRX?
att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp
links are
Post by sameer mughal
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/m
sameer mughal
2018-06-28 10:54:18 UTC
Permalink
remote site logs are also shared below:

Jun 28 17:23:20 rpd[1398]: EVENT <UpDown> st0.0 index 79 <Broadcast
PointToPoint Multicast>
Jun 28 17:23:20 kmd[1403]: KMD_VPN_DOWN_ALARM_USER: VPN VPN-SOORTY from
123.123.123.123 is down. Local-ip: 50.50.50.50, gateway name: gw-soortybd,
vpn name: VPN-SOORTY, tunnel-id: 131073, local tunnel-if: st0.0, remote
tunnel-ip: 10.115.10.2, Local IKE-ID: 50.50.50.50, Remote IKE-ID:
123.123.123.123, XAUTH username: Not-Applicable, VR id: 0
Jun 28 17:23:20 rpd[1398]: EVENT UpDown st0.0 index 79 <Broadcast
PointToPoint Multicast Localup>
Jun 28 17:23:20 rpd[1398]: EVENT UpDown st0.0 index 79 10.115.10.1 ->
10.115.10.1 <Broadcast PointToPoint Multicast Localup>
Jun 28 17:23:20 IFP trace> ifp_ifl_anydown_change_event: IFL anydown
change event: "st0.0"
Jun 28 17:23:20 IFP trace> ifp_ifl_chg: IFL chg: "st0.0 ifl_id 79"
Jun 28 17:23:20 IFP trace> ifp_create_tunnel_session: duplicate tunnel
session add(st0). skip tunnel session creation
Jun 28 17:23:20 mib2d[1426]: SNMP_TRAP_LINK_DOWN: ifIndex 584,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.0
Jun 28 17:23:35 rpd[1398]: EVENT <UpDown> st0.0 index 79 <Up Broadcast
PointToPoint Multicast>
Jun 28 17:23:35 kmd[1403]: KMD_PM_SA_ESTABLISHED: Local gateway:
50.50.50.50, Remote gateway: 123.123.123.123, Local ID:
ipv4_subnet(any:0,[0..7]=0.0.0.0/0), Remote ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Direction: inbound, SPI: 0x9e4d39d0, AUX-SPI: 0, Mode: Tunnel,
Type: dynamic
Jun 28 17:23:35 rpd[1398]: EVENT UpDown st0.0 index 79 <Up Broadcast
PointToPoint Multicast>
Jun 28 17:23:35 kmd[1403]: KMD_PM_SA_ESTABLISHED: Local gateway:
50.50.50.50, Remote gateway: 123.123.123.123, Local ID:
ipv4_subnet(any:0,[0..7]=0.0.0.0/0), Remote ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Direction: outbound, SPI: 0xabfd4940, AUX-SPI: 0, Mode: Tunnel,
Type: dynamic
Jun 28 17:23:35 rpd[1398]: EVENT UpDown st0.0 index 79 10.115.10.1 ->
10.115.10.1 <Up Broadcast PointToPoint Multicast>
Jun 28 17:23:35 kmd[1403]: KMD_VPN_UP_ALARM_USER: VPN VPN-SOORTY from
123.123.123.123 is up. Local-ip: 50.50.50.50, gateway name: gw-soortybd,
vpn name: VPN-SOORTY, tunnel-id: 131073, local tunnel-if: st0.0, remote
tunnel-ip: 10.115.10.2, Local IKE-ID: 50.50.50.50, Remote IKE-ID:
123.123.123.123, XAUTH username: Not-Applicable, VR id: 0
Jun 28 17:23:35 IFP trace> ifp_ifl_anydown_change_event: IFL anydown
change event: "st0.0"
Jun 28 17:23:35 IFP trace> ifp_ifl_chg: IFL chg: "st0.0 ifl_id 79"
Jun 28 17:23:35 IFP trace> ifp_create_tunnel_session: duplicate tunnel
session add(st0). skip tunnel session creation
Jun 28 17:23:35 mib2d[1426]: SNMP_TRAP_LINK_UP: ifIndex 584,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.0
Post by sameer mughal
Gentlemans,
anyone help me on this issue?
Post by sameer mughal
Dear Alexandre,
Please guide how can I fix this issue? It raise suddenly before this on
same configuration ipsec tunnel was working fine for more than 5 to 6
months.
On Mon, Jun 25, 2018, 8:22 PM Alexandre Guimaraes <
Post by Alexandre Guimaraes
Sameer
Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared
This is a phase 2 problem, maybe deadpeerdetection failure, VPN
monitoring failure, a failure during rekey when old SA is deleted
notification sent to delete old SA. Most of the cases.
att
Alexandre
both sites on srx.
following are the logs.
show log junilog|match st0.15
Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static, Reason: IPSec SA delete payload received from
peer, corresponding IPSec SAs cleared
Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static
Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up
Broadcast PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static, Reason: IPSec SA delete payload received from
peer, corresponding IPSec SAs cleared
Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up
Broadcast PointToPoint Multicast>
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
{primary:node0}
On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes <
Post by Alexandre Guimaraes
Have you checked the errors? Do a deep Inspection and check the packets
to see what’s the behavior that’s trigger the down state. Tcpdump Will give
you hints.
Both sides uses SRX?
att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp
links are
Post by sameer mughal
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.ne
sameer mughal
2018-07-03 06:29:48 UTC
Permalink
anyone, check my below raise issue?
Post by sameer mughal
Jun 28 17:23:20 rpd[1398]: EVENT <UpDown> st0.0 index 79 <Broadcast
PointToPoint Multicast>
Jun 28 17:23:20 kmd[1403]: KMD_VPN_DOWN_ALARM_USER: VPN VPN-SOORTY from
123.123.123.123 is down. Local-ip: 50.50.50.50, gateway name: gw-soortybd,
vpn name: VPN-SOORTY, tunnel-id: 131073, local tunnel-if: st0.0, remote
123.123.123.123, XAUTH username: Not-Applicable, VR id: 0
Jun 28 17:23:20 rpd[1398]: EVENT UpDown st0.0 index 79 <Broadcast
PointToPoint Multicast Localup>
Jun 28 17:23:20 rpd[1398]: EVENT UpDown st0.0 index 79 10.115.10.1 ->
10.115.10.1 <Broadcast PointToPoint Multicast Localup>
Jun 28 17:23:20 IFP trace> ifp_ifl_anydown_change_event: IFL anydown
change event: "st0.0"
Jun 28 17:23:20 IFP trace> ifp_ifl_chg: IFL chg: "st0.0 ifl_id 79"
Jun 28 17:23:20 IFP trace> ifp_create_tunnel_session: duplicate tunnel
session add(st0). skip tunnel session creation
Jun 28 17:23:20 mib2d[1426]: SNMP_TRAP_LINK_DOWN: ifIndex 584,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.0
Jun 28 17:23:35 rpd[1398]: EVENT <UpDown> st0.0 index 79 <Up Broadcast
PointToPoint Multicast>
ipv4_subnet(any:0,[0..7]=0.0.0.0/0), Remote ID: ipv4_subnet(any:0,[0..7]=
Tunnel, Type: dynamic
Jun 28 17:23:35 rpd[1398]: EVENT UpDown st0.0 index 79 <Up Broadcast
PointToPoint Multicast>
ipv4_subnet(any:0,[0..7]=0.0.0.0/0), Remote ID: ipv4_subnet(any:0,[0..7]=
Tunnel, Type: dynamic
Jun 28 17:23:35 rpd[1398]: EVENT UpDown st0.0 index 79 10.115.10.1 ->
10.115.10.1 <Up Broadcast PointToPoint Multicast>
Jun 28 17:23:35 kmd[1403]: KMD_VPN_UP_ALARM_USER: VPN VPN-SOORTY from
123.123.123.123 is up. Local-ip: 50.50.50.50, gateway name: gw-soortybd,
vpn name: VPN-SOORTY, tunnel-id: 131073, local tunnel-if: st0.0, remote
123.123.123.123, XAUTH username: Not-Applicable, VR id: 0
Jun 28 17:23:35 IFP trace> ifp_ifl_anydown_change_event: IFL anydown
change event: "st0.0"
Jun 28 17:23:35 IFP trace> ifp_ifl_chg: IFL chg: "st0.0 ifl_id 79"
Jun 28 17:23:35 IFP trace> ifp_create_tunnel_session: duplicate tunnel
session add(st0). skip tunnel session creation
Jun 28 17:23:35 mib2d[1426]: SNMP_TRAP_LINK_UP: ifIndex 584,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.0
Post by sameer mughal
Gentlemans,
anyone help me on this issue?
Post by sameer mughal
Dear Alexandre,
Please guide how can I fix this issue? It raise suddenly before this on
same configuration ipsec tunnel was working fine for more than 5 to 6
months.
On Mon, Jun 25, 2018, 8:22 PM Alexandre Guimaraes <
Post by Alexandre Guimaraes
Sameer
Reason: IPSec SA delete payload received from peer, corresponding IPSec SAs cleared
This is a phase 2 problem, maybe deadpeerdetection failure, VPN
monitoring failure, a failure during rekey when old SA is deleted
notification sent to delete old SA. Most of the cases.
att
Alexandre
both sites on srx.
following are the logs.
show log junilog|match st0.15
Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2
-> 10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static, Reason: IPSec SA delete payload received from
peer, corresponding IPSec SAs cleared
Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static
Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up
Broadcast PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2
-> 10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static, Reason: IPSec SA delete payload received from
peer, corresponding IPSec SAs cleared
Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2
-> 10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up
Broadcast PointToPoint Multicast>
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN
st0.15, remote tunnel-ip: 10.115.10.1, Local IKE-ID: 124.29.233.138, Remote
IKE-ID: 103.229.87.66, XAUTH username: Not-Applicable, VR id: 0,
Traffic-selector: , Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=
0.0.0.0/0), Traffic-selector remote ID: ipv4_subnet(any:0,[0..7]=0.0.0
.0/0), SA Type: Static
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2
-> 10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
{primary:node0}
On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes <
Post by Alexandre Guimaraes
Have you checked the errors? Do a deep Inspection and check the
packets to see what’s the behavior that’s trigger the down state. Tcpdump
Will give you hints.
Both sides uses SRX?
att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp
links are
Post by sameer mughal
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://pu

sameer mughal
2018-06-25 17:35:59 UTC
Permalink
Dear Koyle,
I have already configure static route towards destination.
Do you have a default route over that tunnel? If so, once the tunnel
comes up it will try to route the ipsec connection through the tunnel,
which will break the tunnel. Try adding a static route to the remote
tunnel endpoint via your internet connection.
--
Eldon
Post by sameer mughal
both sites on srx.
following are the logs.
show log junilog|match st0.15
Jun 25 01:47:51 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:47:51 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:47:51 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Static, Reason: IPSec SA delete payload received from peer, corresponding
IPSec SAs cleared
Jun 25 01:47:51 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:48:06 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Static
Jun 25 01:48:06 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:48:06 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:48:06 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
Jun 25 01:51:52 kmd[1902]: KMD_VPN_DOWN_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is down. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Static, Reason: IPSec SA delete payload received from peer, corresponding
IPSec SAs cleared
Jun 25 01:51:52 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Broadcast
PointToPoint Multicast>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 <Broadcast
PointToPoint Multicast Localup>
Jun 25 01:51:52 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Broadcast PointToPoint Multicast Localup>
Jun 25 01:51:52 mib2d[1865]: SNMP_TRAP_LINK_DOWN: ifIndex 588,
ifAdminStatus up(1), ifOperStatus down(2), ifName st0.15
Jun 25 01:52:07 rpd[1867]: EVENT <UpDown> st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 <Up Broadcast
PointToPoint Multicast>
Jun 25 01:52:07 kmd[1902]: KMD_VPN_UP_ALARM_USER: VPN IPSEC-15-VPN from
103.229.87.66 is up. Local-ip: 124.29.233.138, gateway name: IKE-U15-GW,
vpn name: IPSEC-15-VPN, tunnel-id: 131075, local tunnel-if: st0.15, remote
, Traffic-selector local ID: ipv4_subnet(any:0,[0..7]=0.0.0.0/0),
Static
Jun 25 01:52:07 rpd[1867]: EVENT UpDown st0.15 index 86 10.115.10.2 ->
10.115.10.2 <Up Broadcast PointToPoint Multicast>
Jun 25 01:52:07 mib2d[1865]: SNMP_TRAP_LINK_UP: ifIndex 588,
ifAdminStatus up(1), ifOperStatus up(1), ifName st0.15
{primary:node0}
On Mon, Jun 25, 2018 at 3:03 AM, Alexandre Guimaraes <
Post by Alexandre Guimaraes
Have you checked the errors? Do a deep Inspection and check the packets
to
Post by Alexandre Guimaraes
see what’s the behavior that’s trigger the down state. Tcpdump Will give
you hints.
Both sides uses SRX?
att
Alexandre
Post by sameer mughal
Hi All,
I am facing ipsec tunnel flapping issue on srx550. Both sides isp
links
Post by Alexandre Guimaraes
are
Post by sameer mughal
up and stable but still tunnel is flapping.
Can anyone facing similar problem or any solution to fix this issue?
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list juniper-***@puck.nether.net
https://puck.nether.net/mailma
Loading...