SRX


IPSec Tunnel Down Reason: Delete payload received

  • 1.  IPSec Tunnel Down Reason: Delete payload received

    Posted 09-25-2015 22:39

    Hi All,

     

    Can someone please explain to me what the below reason means for an IPSec Tunnel?

     

    Tunnel Down Reason: Delete payload received

     

    Thanks for any inputs.

     

    Regards,

    Chandu



  • 2.  RE: IPSec Tunnel Down Reason: Delete payload received

    Posted 09-26-2015 02:46

    Hi Chandu,

    This output is seen in the phase-2 output of the SRX IPSEC VPN. There may be multiple reasons for the VPN tunnel to go down, which include:

    # Lifetime expired

    # Delete payload received

    etc.

    When this msg is received, it means that the remote peer has sent a delete notification to clear the VPN SA. However why this is sent to the SRX may depend upon a situation.

    Regards

    Hemant


  • 3.  RE: IPSec Tunnel Down Reason: Delete payload received

    Posted 09-28-2015 03:55

    Hi Hemant,

     

    "However why this is sent to the SRX may depend upon a situation."

     

    Do you mind giving a few scenarios for this, please? The thing is I don't have access to the remote device, and whenever the tunnel goes down this is the only reason I've seen most of the time, so I need to debug more on this...

     

    Thanks for any inputs.

     

    Regards,

    Chandu



  • 4.  RE: IPSec Tunnel Down Reason: Delete payload received

    Posted 06-14-2016 04:50

    Hi,

     

    I see similar stuff on a VPN that is flapping. Local box is SRX240, remote is Cisco ASA (I think).

     

    Did you ever find out any more details on delete payload received?

     

    //Rob



  • 5.  RE: IPSec Tunnel Down Reason: Delete payload received

    Posted 06-14-2016 06:42

    Hi Rob,

     

    There can be multiple reasons for the delete payload being received. As it has been sent by the remote peer, logs from the remote peer will give you clarity on why this happens. However, a few reasons that I can recall are:

     

    # DPD failure

    # VPN monitoring failure

    # During rekey, when the old SA is deleted, a notification is sent to delete the old SA

    # Change in the config

     

    Regards

    Hemant



  • 6.  RE: IPSec Tunnel Down Reason: Delete payload received

    Posted 08-23-2017 15:13

    We ran into the same issue. Please check the other end of the IPsec tunnel.

     

    Run the command "show security ipsec security-associations index xxxxxxx detail" on both ends of the tunnel and look for the reason for the tunnel being down, and you will find out why you get this error.

     

    In my case, it was vpn-monitoring on the other end which was causing the tunnel to go down.

     

     

     

    Thanks

    AJ