VPN Connectivity Change

Building a reputation

VPN Connectivity Change

At day, Iam received continuously 3-4 times vpn connectivity change alert.

And that time, dns and services hosted on cloud that is connected through ip-sec tunnel is unreachable for 5-6 seconds.

This alert comes only during daytime, if there is any problem related to connectivity and power the alert should have come at night also.



19 Replies 19
Kind of a big deal
Kind of a big deal

Where are the respective ends of the connection?

Do you only have one line at each site?

It looks like a temporary loss of connectivity at either a tail circuit on either site, or congestion over the internet somewhere in between.  I'd guess the latter as it is only happening in the day when the internet is generally busier.

Do you have SDWAN+ licensing or Insights?  If so you can do some monitoring of the path with those. 

Kind of a big deal
Kind of a big deal

First, are you using a currently stable or better firmware image?

I have also seen this happen when the MX is overloaded.  You can see the load by going to Organization/Summary report.  Set the period to "1 day" at the top.  It is in the panel down the bottom left.


What model MX do you have, and how many users do you have?

Building a reputation

Hi @PhilipDAth 


Last day




There should be a panel in the bottom left-hand corner like this:


If you still don't see it, change the report from being for the whole organization to just the one network with the MX.

Building a reputation



Building a reputation



Building a reputation



MX 450 in HA, Users around 500-650 including all devices

Kind of a big deal
Kind of a big deal

You are getting failover events that is causing the problem I believe.  This could be the SNORT engine or other crashing, or simply VRRP issues on the LAN side.  What devices are the LAN ports of the MXs connected to an how many links are there?  What version of MX code are you running?

Building a reputation

Current version: MX 18.107.2

Links- 2 ISP leased line Links.

Lan ports in MXs connected- Only core Switches that is also in HA.



Kind of a big deal
Kind of a big deal

I'd update to 18.107.10 as that has quite a few fixes for HA failures and CPU overload failures.

Building a reputation

Few days ago , i upgrade MX firmware 18.107.2 to MX 18.210. Many Services got impacted. At last, i roll back to previous version then services starte...

And As i check 18.107.10 is not a stable version.

Kind of a big deal
Kind of a big deal

Indeed, it is a Stable Release Candidate patch firmware.  We've used it successfully, but if it doesn't work for you then absolutely roll back!

Building a reputation

Ok I will upgrade today, then see.

Kind of a big deal
Kind of a big deal

As for 18.2xx I too have seen issues with that release.

Building a reputation

Iam upgraded my MX to 18.107.10 , All services working fine.

Hope! It will resolve my issues. See Tomorrow

Kind of a big deal
Kind of a big deal

Good luck! 🤞🙏

Building a reputation


Still facing same issue.



Kind of a big deal
Kind of a big deal

Also, if this is to Amazon AWS or Azure, consider using a VMX to resolve this problem.


Building a reputation

We are still approaching to host VMx on same VPC of the AWS, but not getting proper response to do the same from aws end.

Get notified when there are additional replies to this discussion.