How to Restart ASA Site-to-Site VPN Tunnel


It often happens after your restart, device is unstable, device replacement, or after an outage, the IPSec tunnel will stop working.

Do not panic, you can restart the VPN session.

To restart or reset the VPN session you can issue this command:

clear ipsec sa peer [your peer IP address]

or, you can issue this command to clear all tunnels:

clear crypto isakmp

From my experience, you have to issue this command from both side A and B.

Last, to check the VPN tunnel status you can issue the command:

sh isakmp sa

If there is any traffic that requires the VPN tunnel, the connection will establish itself again.

Goodluck🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s