EzVPN sometimes ping only in one direction or only one interface

Guys, I have lots of 857's routers in the field with mostly the latest OS - 12.4(15)T17 making ezVPN connections to a 2951 with 15.1(4)M5.
All the 857's have lookback and vlan interfaces similar to :
interface Loopback0
ip address 50.43.8.1 255.255.255.255
ip tcp adjust-mss 1452
end
interface Vlan1
ip address 40.43.8.1 255.255.255.128
ip tcp adjust-mss 1452
crypto ipsec client ezvpn SMS_VPN inside
end
This is my Dialer interface :
interface Dialer0
ip ddns update hostname my_custom_host_name
ip ddns update SMS_DynDNS
ip address negotiated
ip access-group 102 in
ip access-group 101 out
ip mtu 1492
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
ppp authentication chap pap callin
ppp chap hostname my_hostname
ppp chap password 0 my_password
ppp pap sent-username my_hostname password 0 my_password
ppp ipcp dns request accept
crypto ipsec client ezvpn SMS_VPN
And their crypto's are defined as :
crypto ipsec client ezvpn SMS_VPN
connect auto
group HW_Client key my_client_key
mode network-extension
peer my_peer_ip
acl 100
username my_username password my_password
xauth userid mode local
Now lately for some or other reason we have instances where I can ping either the VLAN or the LOOPBACK interface, but not both. Or I have instances where the 2951 can ping all the interfaces on the 857, but the 857 can not ping the 2951. Or I have instances where the 2951 can not ping the 857, but the 857 can ping the 2951.
The way I have been fixing this is either to add crypto ipsec client ezvpn SMS_VPN inside to the loopback interface, or if it is there already to remove it. This usually works for a few days, but then suddenly I have to reverse this again. If that does not work then I usually do lots of clear crypt sess and/or clear crypt ipsec client ezvpn on the 857, or clear crypt sess remote 857_ip_address from the 2951 and then suddenly it starts working again.
Surely there must be something wrong, but I just can not figure out what. Any ideas ?!

Bump ... Anyone please ...

Similar Messages

  • Mls qos enabled globally and disabled for only one interface

    Hello !
    My switch is Cisco IOS Software, C2960X Software (C2960X-UNIVERSALK9-M), Version 15.0(2)EX5, RELEASE SOFTWARE (fc1)
    I try to disabled mls qos only for one interface, but when i do it, mls qos is globally disabled. Is it possible to do it ? 
    XXX#show mls qos
    QoS is enabled
    QoS ip packet dscp rewrite is enabled
    XXX#conf t
    Enter configuration commands, one per line.  End with CNTL/Z.
    XXX(config)#interface gigabitEthernet 1/0/5
    XXX(config-if)#no mls qos
    XXX(config)#exit
    XXX#
    XXX#show mls qos
    QoS is disabled
    QoS ip packet dscp rewrite is enabled
    Thanks in advance for your help !!
    Denis

    Hi Denis,
    You cant disable the QOS on per interface on 2960 devices.
    By default, QoS is disabled. When we enable QoS all ports
    will be assigned to queue-set 1. We can configure up to two
    different queue-sets.
    Hence if you remove the qos out of the interface it would be disabled globally as well.
    HTH

  • HT201269 Hi I've been using apple products for sometime now , I have one iPad , & 2 iPhones under my apple Id but that's as I know oh and maybe an old mini iPod I lost but my question is, is there any way to check how many devices are under your apple ID

    Hi I've been using apple products for sometime now , I have one iPad , & 2 iPhones under my apple Id but that's as I know oh and maybe an old mini iPod I lost but my question is, is there any way to check how many devices are under your apple ID ?

    If you have registered all your Apple products, you can see them at:
    https://supportprofile.apple.com

  • Two message mapping in one interface mapping

    hi,
    my scenario is idoc to file and i am using java mapping(not UDF) for some fields as well as graphical for rest of the fields.
    I want to add these two mapping program in one interface mapping to generate final target, but the problem is it is not creating final file structure, but when i add only one mapping(either one) it works fine. 
    I'm doing this because I have to add value mapping, after the value i get through java mapping or is it possible to use static value mapping within the java mapping itself.
    Please help.....

    Hi,
    In addition to what Moorthy said you first test mapping individually and see if it works fine. While testing you make sure you are giving the right input, I mean if Java mapping comes second you need to give the output XML of the Graphical mapping or vice versa.
    Hope in Java mapping is done properly and you are returning the expected structure as output. For example if you are using Java mapping as the first one your ouput should be exaclty like that of source structure with the values filled.
    Regards,
    Prakash

  • Two Message Mappings in one Interface Mapping without using BPM

    Hello Experts,
    I have this scenario, please help me
    I have to execute two mappings of which one is a java mapping and then the other is a message mapping sequentially.
    The mapping is something like below
    Message1  -> (java Mapping) -> Message2
    Message2
    Message1 -> (Message Mapping) -> Message3
    Based on the value in Message2 I have to map Message1 to Message3
    I am not an expert in java so please give me options that doesn't involve changing of java code.
    The above 2 mappings have to be implemented in only one interface mapping.
    Suggestions please.

    Hi Ravi!
    You say message2 dependes on message1 and message3 is mapped from message1 but using also values from message2? But this means, that whole mapping dependes only on message1!
    So change your mapping and use the one not based on message2, but message1. Put these as a condition in interface determination and based on these values use the correct mapping.
    Peter
    p.s. I'm not sure, if I got your requirement correctly, but your target message dependes only on message1 (since message2 dependes on it too), so this whole mapping can be done as 1. Unfortunately, you'll probably have to change your java part. Bur definetely, Raj is right.
    Edited by: Peter Jarunek on Feb 20, 2008 5:36 PM

  • How can I get the number request's (count) for One interface

    Hi Guru's,
    I have a requirement,One interface say Hello world._How can I get the number request's (count) for this interface_.I thing with BAM it's possible.
    But I have no idea about BAM.If is there any alternative please give directions and instruction how to achieve this task.
    Can any body help.Thanks in advance.
    Regards
    Mani

    You have to query the SOA_INFRA schema to get the answer.
    Build a select query in cube_instance table.
    Thanks,
    Vijay

  • May I start more than one interface at boot using network profiles ?

    Hi everybody,
    I installed ArchLinux on my laptop and I was playing with network profiles to obtain different configurations of the ethernet and wireless interfaces for home, office etc. Everything works fine using "!" in from of each configuration name in /etc/rc.conf and I found useful the menu option.
    As far as I understood each configuration file in /etc/network-profiles/ correspond to one interface only, therefore this utility does not allow me to start more than one interface at boot time. Am I right?
    In this case it exist already a script to choose between different configuration for two interfaces?
    Thanks in advance
    Jimmi

    Welcome to the Apple Community da dad.
    Yes you can connect multiple Apple TV's by ethernet.
    What do you mean by outside.

  • Message splitting-- Queue stopped when no message created for one interface

    Hi all,
    I think you saw one post regarding this issue in SDN, but I can't find the post any more.
    So, I have message splitting (it's multiple mappings to map one outbound msg to multip inbound msgs, not one mapping to map 1 to n. This is because of our own reason, but should not affect the analysis of the issue) to split one message to multiple. It works fine if the outbound message contains data for every inbound interface. However if the outbound message does NOT contain data for any one inbound message, there is an error in MONI and all subsequently splitted messages will not be passed in IE. The error in MONI says Split mapping created no messages, and Queue status turns to be Queue Stopped, and thus all the subsequently splitted messages are stuck in the queue.
    Why this? and how to solve this problem?
    Thanks
    Jayson

    >
    Jayson wrote:
    > Hi all,
    >
    > I think you saw one post regarding this issue in SDN, but I can't find the post any more.
    >
    > So, I have message splitting (it's multiple mappings to map one outbound msg to multip inbound msgs, not one mapping to map 1 to n. This is because of our own reason, but should not affect the analysis of the issue) to split one message to multiple. It works fine if the outbound message contains data for every inbound interface. However if the outbound message does NOT contain data for any one inbound message, there is an error in MONI and all subsequently splitted messages will not be passed in IE. The error in MONI says Split mapping created no messages, and Queue status turns to be Queue Stopped, and thus all the subsequently splitted messages are stuck in the queue.
    >
    > Why this? and how to solve this problem?
    >
    > Thanks
    > Jayson
    Hi Jyson,
    what i analyse from this is you may be using different maapings and different inbound interfaces
    but your receiver is the same and hence you are using only one interface determination with all the   interface mappings specified there...
    if this is the case..i suggest you remove the "maintain order at runtime "
    tick in that interface detemination and it will surely work
    giving points is another way to say thanks
    Edited by: Tarang Shah on Mar 20, 2009 7:18 PM

  • Collecting and Bundling Messages - One Interface

    Hi ,
    I am trying this Collecting and Bundling Messages - One Interface my interface is File .
    Followed all the steps in the SAP documentation under Examples and Usage cases.
    But I get only one message from the inbound channel .
    when I check the Mapping in the MONI . It shows 2 instances of interface in the MessageIn but the output message of the BPE moni shows only 1 message . Message that is in the first instance of the  Mapping IN .
    Is it error in the multi mapping ? can some body through some light on this ..
    Regards,
    KLK

    Hi Behaves & Moor,
    S, I am trying the pattren given by SAP . Following the weblink given by Mr.Moorty.
    I made source and Target Msg type as 0.. Unbound  and Multiline for Transformation step.
    But when I test the mapping in the Design time by importing a XML with following structure (Please dont mind bad syntax)
    <Messages >
       <ns0:Message1>
          <Filesender_MT >
             <Record>
                <Row>
                   <ID>1</ID>
                </Row>
             </Record>
          </ns1:Filesender_MT>
       <Message1>
       <Message2>
        <Filesender_MT >
             <Record>
                <Row>
                   <ID>2</ID>
                 </Row>
             </Record>
          <Filesender_MT>
       <Message2>
    </Messages>
    I get only one message :
    <Messages >
       <ns0:Message1>
          <Filesender_MT >
             <Record>
                <Row>
                   <ID>1</ID>
                </Row>
             </Record>
          </ns1:Filesender_MT>
       <Message1>
      <Messages>
    which is wht i am getting from the inbound CC.
    how do I test Multi Mapping ? and when I check the MONI->PE --> Technical Details --> Mapping --> MappingIN
    It shows 1 entry but the nestted table shows both the file contents that I have put in the Sender Communication channel.
      I am putting 2 files in the Sender CC and expecting these two file contents to Merge and give me 1 file as out put . this is the scenario understood from the SAP documentation please correct me if I am wrong .
    Thanks and Regards
      K.L.K

  • One Interface - Two different maps - How to define which mapping to execute

    Hi all,
    I have created a SalesOrderCreate soap interface to BAPI_SALESORDER_CREATE to create SalesOrders on ECC600 from a legacy application. Now I have another legacy app that needs to create SalesOrders, but with some different mapping rules, using the same bapi.
    The first think I thought was to create another soap interface. But the principle of Enterprise Services is to use only one interface for each service (so, I was supposed to use the same soap interface). Then I have one soap interface and two different message mappings to the same BAPI.
    The question is how can I define that when the message comes from legacy "A" the mapping "A" would be executed, and when the message comes from legacy "B", the mapping "B" would be executed.
    Thanks!
    roberti

    Hi,
    >>>> But the principle of Enterprise Services is to use only one interface for each service (so, I was supposed to use the same soap interface).
    the concept of Enterprise Services is as you say
    but in your case it means that you need to use the same mapping... <-- as it's a part of your WS!
    you need to use the same soap interface without any changed inside it
    (in your case inside your mappings)
    if you want to reuse your first interface you can do this:
    - create another soap interface from second legacy to first soap interface
    (there you can use another mapping)
    this way you will reuse your previous work
    this is Enterprise Services concept and not changing
    web service logic (in this case mapping) for every new system
    Regards,
    michal
    <a href="/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions"><b>XI / PI FAQ - Frequently Asked Questions</b></a>

  • LOST TCP SESSION, LDP AND BGP, OVER ONE INTERFACE

    On 7609 PE router, lost only TCP session attach to one interface (Te3/3). The router shows this log
    Aug  4   13:17:31.424: %LDP-5-NBRCHG: LDP Neighbor 200.111.117.251:0 (1) is DOWN   (Session KeepAlive Timer expired)
    Aug  4   13:19:52.493: %BGP-5-ADJCHANGE: neighbor 200.11.96.126 Down BGP Notification   sent
    Aug  4   13:19:52.493: %BGP-3-NOTIFICATION: sent to neighbor 200.11.96.126 4/0 (hold   time expired) 0 bytes
    Aug  4   13:42:11.265: %BGP-5-ADJCHANGE: neighbor 200.11.96.126 Up
    Aug  4   13:42:23.549: %LDP-5-NBRCHG: LDP Neighbor 200.111.117.251:0 (1) is UP
    The device did not present a interface flap.
    The device did not present lost of OSPF adyacency, over the same interface
    The device did not present lost of TCP session over oher interfaces
    Please help me,
    I suspect a bug, but I failed to find
    Christian

    Hi Nagendra
    This is output og sh tcp brief
    PE2-PCS-RANCAGUA#sh tcp brief
    TCB       Local Address               Foreign Address             (state)
    4B558124  200.11.98.9.646             200.11.98.37.51654          ESTAB
    53336910  200.11.98.9.646             200.111.117.61.49833        ESTAB
    4B4CF2A0  200.11.98.9.646             200.111.117.20.64138        ESTAB
    536E56A4  200.11.98.9.61369           200.11.96.126.179           ESTAB
    53359454  200.11.98.9.22913           200.11.96.81.646            ESTAB
    4B6C25EC  200.11.98.9.646             200.111.117.251.53802       ESTAB
    537CFBE4  200.11.98.9.62975           200.11.96.125.179           ESTAB
    5330A774  200.11.98.9.646             200.111.117.86.62367        ESTAB
    4B4D97EC  200.11.98.9.18753           200.11.96.88.646            ESTAB
    4B018A28  200.11.98.9.61292           200.11.98.8.646             ESTAB
    4B0B176C  200.11.98.9.23              190.151.64.218.36508        ESTAB
    4B1976F0  200.11.98.9.17760           190.151.97.92.646           ESTAB
    4B261BD0  200.11.98.9.646             200.72.146.42.64641         ESTAB
    537CEFF8  200.11.98.9.646             200.111.117.74.54785        ESTAB
    531F4890  200.11.98.9.15536           190.151.97.77.646           ESTAB
    5359F5B4  200.11.98.9.24658           190.151.97.74.646           ESTAB
    PE2-PCS-RANCAGUA#
    Christian

  • One interface of pair goes down

    Hi
    If two interfaces are paired into one group and one interface of pair goes down, will the second interface will be declared as down by IPS?

    Hi,
    I I have a problem connected to this issue.
    I have only one IPS4270-20 with software 7.0(7)E4 and I use 2 IF pairs on it. Both IF pairs are for the same operation, and they were implemented for HA purposes. We have two 6500 chassis in VSS and all of the IPS ports connected to these switches. Gi3/0-Gi3/1 and Gi1/2-Gi3/3 are in pair, and Gi3/0-Gi3/2 are the inbound and Gi3/1-Gi3/3 are the outbound interfaces, so it achieves the hardwer failover requirements. Inbound IFs creat an Etherchannel, and outbound IFs creat an other Etherchannel, so we try to prevent an L2 loop when VSS breaks.
    The issue what I can't solve is the following:
    If I shut down the 6500 IF what is connected to the IPS Gi3/0 I would like Gi3/1 to goes down, but it isn't the case.
    I tried to use LACP in the Etherchannel, so when Gi3/0 goes down, the 6500 port which connected to the IPS Gi3/1 should be removed from the Etherchannel, but it isn't the case also.
    Do you have an idea, what could be the problem, or I should redesign the topology?
    Thanks,
    Miki

  • Can i use one interface to load data into 2 different tables

    Hi Folks,
    Can i use one interface to load data into 2 different tables(same schema or different schemas) from one source table with same structure ?
    Please give me advice
    Thanks
    Raj
    Edited by: user11410176 on Oct 21, 2009 9:55 AM

    Hi Lucky,
    Thanks for your reply,
    What iam trying is ...Iam trying to load the data from legacy tables(3) into oracle staging tables.But i need to load the same source data into two staging tables(these staging tables are in two different schemas)
    can i load this source data into two staging tables by using single standard interface(some business logic is there)
    If i can then give me some suggestion how to do that
    Thanks in advance
    Raj

  • How to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

    how to configure one dsl connection and one public ip in cisco router and map to one interface for using exchange server

    Hi ,
     Have you got any additional public IP Address from your service provider , If yes on router you can have static route for those additional IP Address pointing to your ASA  outside interface . 
    Accordingly you can configure NAT 
    HTH
    Sandy . 

  • How to check owner for one interface in production system?

    Hello All,
    Please tell me the transaction were i can check owner for one interface in production system.
    Client had created owner for one interface, so were can i check it.
    Thanks and Regards,
    Chinna

    Thanks for the reply,
    i dont want to check the developer name in IR /ID.
    in production system one interface is running and i got mail to check the  generic user and role for that interface.
    iam also bit confused on it
    If u have any idea let me know.
    Thanks and regards,
    chinna

Maybe you are looking for