Avalanche: Cyberflood: IPSec Site to Site VPN shows unsuccessful after VPN Rekey process happens, VPN shows UP but no more traffic is successful.
Knowledge Base - FAQ
• The main issue reported in this scenario is that the IPsec site-to-site VPN is established as expected during the VPN establishment phase (beginning of the test), but once the REKEY happens traffic becomes unsuccessful: no more HTTP transactions succeed and no other interesting traffic is allowed through the VPN tunnel.
• If you check the VPN tunnel status it shows as UP/CONNECTED even after the REKEY happens through the ISAKMP/IKEv2 CREATE_CHILD_SA exchange: the tunnel still shows up on the Cisco ASA through the command "show crypto isakmp sa" and in the Avalanche Commander Realtime Statistics.
• Once you check the REKEY Packets (CREATE_CHILD_SA) you will notice that traffic selectors sent by the Cisco ASA firewall are wrong during the Rekey Process:
• First of all, you will notice that the Cisco ASA firewall sends two address ranges on the Rekey for both the Traffic Selector - Initiator (TSi) and the Traffic Selector - Responder (TSr), but AVC only processes the first one.
• Secondly, the address ranges are sent as subnet IP address ranges instead of the real host IPs from the interesting traffic.
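The following is an added example (not Spirent, Avalanche or Cisco code) that parses an IKEv2 Traffic Selector payload laid out as in RFC 7296 section 3.13 and shows why a receiver that honours only the first selector silently loses hosts in the second range after the rekey. The two subnet ranges and the test addresses are constructed sample values, not taken from a real capture.

```python
import struct
import ipaddress

# RFC 7296 section 3.13: Traffic Selector type for an IPv4 address range.
TS_IPV4_ADDR_RANGE = 7

def parse_ts_payload(payload: bytes):
    """Parse a TSi/TSr payload (generic header included); return every selector."""
    # Generic payload header: Next Payload (1), Critical/Reserved (1), Payload Length (2)
    _next, _flags, _length = struct.unpack("!BBH", payload[:4])
    num_ts = payload[4]            # Number of TSs, followed by 3 reserved bytes
    off = 8
    selectors = []
    for _ in range(num_ts):
        ts_type, proto, sel_len, sport, eport = struct.unpack("!BBHHH", payload[off:off + 8])
        if ts_type != TS_IPV4_ADDR_RANGE:
            raise ValueError(f"unsupported TS type {ts_type}")
        start = ipaddress.IPv4Address(payload[off + 8:off + 12])
        end = ipaddress.IPv4Address(payload[off + 12:off + 16])
        selectors.append({"proto": proto, "ports": (sport, eport), "start": start, "end": end})
        off += sel_len              # each selector carries its own length
    return selectors

def build_ts_payload(ranges):
    """Build an IPv4 TS payload from (start, end) pairs; any protocol, any port."""
    body = b""
    for start, end in ranges:
        body += struct.pack("!BBHHH", TS_IPV4_ADDR_RANGE, 0, 16, 0, 65535)
        body += ipaddress.IPv4Address(start).packed + ipaddress.IPv4Address(end).packed
    header = struct.pack("!BBH", 0, 0, 8 + len(body)) + bytes([len(ranges), 0, 0, 0])
    return header + body

def covered(selectors, addr, first_only=False):
    """True if addr is inside any selector; first_only mimics the reported AVC behaviour."""
    ip = ipaddress.IPv4Address(addr)
    checked = selectors[:1] if first_only else selectors
    return any(s["start"] <= ip <= s["end"] for s in checked)

# Constructed sample: a rekey TSi carrying two subnet ranges, as the ASA is described to send.
REKEY_TSI = build_ts_payload([("10.1.1.0", "10.1.1.255"), ("10.1.2.0", "10.1.2.255")])

if __name__ == "__main__":
    sels = parse_ts_payload(REKEY_TSI)
    for host in ("10.1.1.20", "10.1.2.20"):
        print(host, "all selectors:", covered(sels, host),
              "first only:", covered(sels, host, first_only=True))
```

Comparing the two columns for a host in the second range reproduces the symptom: the tunnel is up and the selector is present on the wire, but traffic from that range is not matched.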