Help Center>
Virtual Private Network>
FAQs>
Connection or Ping Failure>
How Do I Quickly Restore an Interrupted IPsec VPN Connection?
Updated on 2023-06-16 GMT+08:00
How Do I Quickly Restore an Interrupted IPsec VPN Connection?
- If negotiation cannot be triggered, check connectivity between the public IP addresses of gateways at both ends of the IPsec VPN connection. For example, you can run the ping command to check the connectivity. By default, the Huawei Cloud VPN gateway responds to ICMP packets.
- If connectivity is normal, check whether link switching occurs between outbound interfaces. That is, check whether the traffic for access to the Huawei Cloud VPN gateway is forwarded out from a non-negotiated interface.
- If traffic is forwarded through the correct link, change the PSKs at both ends of the IPsec VPN connection to trigger re-negotiation.
- If re-negotiation fails, check whether the negotiation policies configured at both ends are consistent and whether the interesting traffic configurations at both ends are reversed (same number of configurations and same subnets).
- If the negotiation policies and interesting traffic configurations are correct, disable the VPN connection on the on-premises device. After the VPN connection state on Huawei Cloud changes to Not connected, enable the VPN connection on the on-premises device and trigger a data flow.
- If negotiation still fails, perform the following operations:
- Record the negotiation policies, PSK, local subnets, customer gateway, and customer subnets of the VPN connection configured on Huawei Cloud.
- Use the existing VPN gateway to create another VPN connection. The negotiation policies, PSK, and local subnets are the same as those of the original VPN connection. The customer gateway and customer subnets can be configured randomly.
- After the new VPN connection is created, delete the original VPN connection, and change the customer gateway and customer subnets of the new VPN connection to be the same as those of the original VPN connection.
- Trigger the negotiation again.
If the fault persists, submit a service ticket to Huawei Cloud customer service.
Parent topic: Connection or Ping Failure
Connection or Ping Failure FAQs
- Why Is a VPN Connection Always in Not Connected State After Its Configuration Is Complete?
- How Can I Prevent VPN Disconnections?
- How Do I Quickly Restore an Interrupted IPsec VPN Connection?
- What Will Happen If Traffic Exceeds the Bandwidth of a VPN Gateway?
- Is an IPsec VPN Connection Automatically Established?
- Why Cannot ECSs at the Two Ends of a Normal Cross-Region VPN Connection Ping Each Other?
- Why Cannot Subnets at the Two Ends of a Normal VPN Connection Access Each Other?
- What Do I Do If a VPN Connection Is Interrupted and a Message Indicating Data Flow Mismatch Is Displayed?
- What Do I Do If a VPN Connection Is Interrupted and a Message Indicating DPD Timeout Is Displayed?
- Why Is a VPN Connection in Not Connected State on the Management Console When It Is Already Available?
- Will I Be Notified If a VPN Connection Is Interrupted?
- What Do I Do If a VPN Connection Fails to Be Established?
- What Should I Do If I Cannot Access the ECSs on the Cloud from My On-premises Data Center or LAN After the VPN Connection Has Been Set Up?
- Why Is the State of a Successfully Created VPN Connection Displayed as Not Connected?
- Do Huawei Cloud VPNs Have the DPD Function Enabled?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
