How do I debug IPsec tunnel down between controller 7210 (address 10.229.111.222 below) and RAP (address 168.228.154.273) ? My tunnel went down couple of days ago, I captured IPSEC traffic on network, see below:
15:20:46.931398 IP 168.228.154.273.13340 > 10.229.111.222.ipsec-nat-t: UDP-encap: ESP(spi=0x8d187300,seq=0xd), length 132
15:20:46.931592 IP 10.229.111.222.ipsec-nat-t > 168.228.154.273.13340: UDP-encap: ESP(spi=0xbdd8f700,seq=0x3c), length 132
But on controller tunnel is down... please advise
(WifiCtr01w) #show crypto ipsec sa peer 168.228.154.273
% No active IPSEC SA for 168.228.154.273
#7210