Hi Guys,
I'm running DMVPN with ipsec profile but currently having issue in connectivity from different sites. What would be the issue if ipsec not encapsulation/decap packet, also noticed that #send errors 17939 is increasing. no other parameters/stats?
Phase 1 is established.
sh crypto ipsec sa
interface: Tunnel1
Crypto map tag: Tunnel1-head-0, local addr xxxx
protected vrf: (none)
local ident (addr/mask/prot/port): (xxxx/255.255.255.255/47/0)
remote ident (addr/mask/prot/port): (xxxx/255.255.255.255/47/0)
current_peer xxxx port 500
PERMIT, flags={origin_is_acl,ipsec_sa_request_sent}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 11102, #recv errors 0
local crypto endpt.: xxxx, remote crypto endpt.: xxxxx
plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb (none)
current outbound spi: 0x0(0)
PFS (Y/N): N, DH group: none
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
Both local and remote address seem ok same with the other side. anyone encountered this issue?
Kindly comment if need more information.
Thanks
No comments:
Post a Comment