An IPSec tunnel fails to be set up for a long time, and then can be established after the IPSec tunnel is reset

The same traffic of the branch is transmitted to the headquarters. The headquarters has an IPSec tunnel to protect traffic between the headquarters and branch. Because the same data flow is protected, the headquarters and branch cannot establish a new IPSec tunnel. After the IPSec tunnel of the headquarters is reset, the old IPSec tunnel is deleted and the new IPSec tunnel can be established.

In this case, you can run the ipsec remote traffic-identical
accept
command to allow users with the same traffic rule as online users to access the IPSec tunnel. The established IPSec SAs are aged rapidly and an IPSec tunnel is reestablished.

Scroll to top