Can someone please explain me what the below reason means for an IPSec Tunnel?
Tunnel Down Reason: Delete payload received
Thanks for any inputs.
"However why this is sent to the SRX may depend upon a situation.'
Do you mind to give a few scenarios for this please? The thing is i don't have access to remote device and whenever the tunnel goes down this is the only reason i've seen most of the times, so i need to debug more on this...
I see similar stuff on VPN that is flapping. Local box is SRX240, remote is Cisco ASA (i think).
Did you ever find out any more details on delete payload received?
There can be multiple reason for the delet payload received , as it has been sent by the remote peer logs from remote peer will give you clarity for this to happen. However few reason that i can recall are:
# DPD failure
# VPN monitoring failure
# during rekey when old SA is deleted , notification sent to delete old SA
# Change in the config
We ran into same issue. Please check other end of the IPsec tunnel.
Run command "show security ipsec security-associations index xxxxxxx detail" on both ends of tunnel and look for reason
for tunnel been down and you will find it why you get this error.
In my case, it was vpn-monitoring on other end which was causing to send the tunnel down.