dido32

Members
  • Content count

    2
  • Joined

  • Last visited

Community Reputation

-1 Poor

About dido32

  • Rank
    Newbie
  1. please help
  2. hello, I Have configured VPNipsec on asa, i use 'sla monitor track' for duel ISP. I use two interfaces(outside for ISP1, backup for ISP2): 1-when outside interface is down(i take off cable ) vpn switch automatically. 2-but when ISP1 is down (outside interface is up) my internet switch to backup interface , i have internet. but my vpn is down even i have these: When I type sh crypto isakmp sa i get Type : L2L Role : responder Rekey : no State : MM_ACTIVE Encrypt : aes Hash : SHA Auth : preshared Lifetime: 86400 Lifetime Remaining: 85981 it seems fine BUT and when i type sh crypto ipsec sa i get interface: outside (should be backup) i think this result is for ancient vpn . i was trying to follow what happens when my ISP is down , i enable debug isakmp and ipsec when i type debug crypto isakmp 127 I get [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 [iKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0 without stopping that mean my phase1 and two don't complete ofcourse for debug crypto ipsec 127 nothing happens but if i take off outside interface cable , vpn will work thank you advance