Ive been experiencing some strange intermittent issues with multiple clients I manage. every once in a while they will not negotiate a single phase 2 for the VPN. I can resolve this by forcing a re-negotiation. from everything I can see, there is no reason for only one phase 2 to not negotiate. the Meraki side says the VPN is up, but the ASA side tells me which phase 2s are active, and when I try to send pings it does not negotiate the phase 2 to bring it up.
has anyone dealt with this before? if so were you able to resolve it?
Re: ASA to MX VPN stops negotiating a single subnet
I actually did that recently as the issue started with the phase 2 being up, but not passing traffic. at this point at least its not saying the phase2 is up, it just wont negotiate it. I upgraded the ASA's to version 9.8(4)20.