3 Replies Latest reply on Jun 5, 2018 9:09 AM by carsontl

    VPN Site to Site Tunnel Down doesn't work correctly

    shoog

      Has anyone else run into issues with Network Insight for ASAs and the way it handles Site to Site VPN status?

       

      Network Insight finds our site to site VPNs and monitors them without any problems... until a tunnel goes down.  When a tunnel goes down SolarWinds correctly alerts about it.  But just about every single time that I get one of these alerts, I go check the ASA and the VPN tunnel is back up, but I never got an alert from SolarWinds stating that it was back up.  It still shows the tunnel as down.  I think when the tunnel comes back up it may have a different OID, which is why SolarWinds never sees it come back up. 

       

      For the record, this is the standard "VPN Site to Site tunnel down" alert that comes out of the box with Network Insight.  I have not modified it in any way.

       

      This is a huge problem for me because with hundreds of VPN tunnels on our ASA's across the company, it sucks to get woken up in the middle of the night to a VPN down alert only to find that it's up by the time I get out of bed, fire up my laptop, and check the ASA.  With hundreds of tunnels, this happens nightly, sometimes multiple times a night. 

       

      These tunnels are only down for a few seconds normally.  It would be nice to get a follow-up alert stating that the tunnel is back up so that I don't have to waste those twenty minutes verifying that it's up.

       

      As it stands now, I have to disable the alert entirely because it is unusable. 

       

      I do have ticket 00052754 open with TAC but it doesn't look promising.  Seeing as ASA's are still the most popular platform for VPN connections in the world (not that I like it), I would think that there has to be many others out there with this same problem. 

       

      Is anyone else having these problems and has any ideas as to how to fix it?  I tried creating a UnDP for cikeGlobalActiveTunnels but that only gives me the number of tunnels that are active.  I don't know how to extract any details about which tunnel went down.

       

      Thanks ahead of time for any help!