At day, Iam received continuously 3-4 times vpn connectivity change alert.
And that time, dns and services hosted on cloud that is connected through ip-sec tunnel is unreachable for 5-6 seconds.
This alert comes only during daytime, if there is any problem related to connectivity and power the alert should have come at night also.
Where are the respective ends of the connection?
Do you only have one line at each site?
It looks like a temporary loss of connectivity at either a tail circuit on either site, or congestion over the internet somewhere in between. I'd guess the latter as it is only happening in the day when the internet is generally busier.
Do you have SDWAN+ licensing or Insights? If so you can do some monitoring of the path with those.
First, are you using a currently stable or better firmware image?
I have also seen this happen when the MX is overloaded. You can see the load by going to Organization/Summary report. Set the period to "1 day" at the top. It is in the panel down the bottom left.
What model MX do you have, and how many users do you have?
There should be a panel in the bottom left-hand corner like this:
If you still don't see it, change the report from being for the whole organization to just the one network with the MX.
MX 450 in HA, Users around 500-650 including all devices
You are getting failover events that is causing the problem I believe. This could be the SNORT engine or other crashing, or simply VRRP issues on the LAN side. What devices are the LAN ports of the MXs connected to an how many links are there? What version of MX code are you running?
Current version: MX 18.107.2
Links- 2 ISP leased line Links.
Lan ports in MXs connected- Only core Switches that is also in HA.
I'd update to 18.107.10 as that has quite a few fixes for HA failures and CPU overload failures.
Few days ago , i upgrade MX firmware 18.107.2 to MX 18.210. Many Services got impacted. At last, i roll back to previous version then services starte...
And As i check 18.107.10 is not a stable version.
Indeed, it is a Stable Release Candidate patch firmware. We've used it successfully, but if it doesn't work for you then absolutely roll back!
Ok I will upgrade today, then see.
As for 18.2xx I too have seen issues with that release.
Iam upgraded my MX to 18.107.10 , All services working fine.
Hope! It will resolve my issues. See Tomorrow
Good luck! 🤞🙏
Hi,
Still facing same issue.
Also, if this is to Amazon AWS or Azure, consider using a VMX to resolve this problem.
https://meraki.cisco.com/product/hybrid-cloud/vmx/vmx-small/
We are still approaching to host VMx on same VPC of the AWS, but not getting proper response to do the same from aws end.