IPsec VPN Phase 2 selector shows both upward and downward arrows

Aadar-Soomro · ‎10-21-2024

Dear Members,

i am getting issue with my IPsec tunnel, it show both arrows upward and downward at a time. required help to troubleshoot the issue.

Toshi_Esumi · ‎10-21-2024

You must have two network selectors. One is up and another is down. If you don't matching traffic to the second selector, it might now come up. Try generating traffic from the local subnet to the other side matching the selector.

Toshi

Aadar-Soomro · ‎10-21-2024

No Traffic is passed through this VPN

Toshi_Esumi · ‎10-21-2024

If you run like a continuous pinging, but never get the second phase2 come up, likely the other side of the selector config is not matching the local config.
If you're confident both are matching, you need to run IKE debug hopefully on both sides. Since it's only one IPsec on the local side, you don't have to filter other traffic out but can simply run below:
diag debug reset

diag debug app ike -1

diag debug console timestamp ena

diag debug ena (if not via console)

Toshi

IPsec VPN Phase 2 selector shows both upward and downward arrows

Nominate a Forum Post for Knowledge Article Creation