Hi, we have a setup (lab environment) with 2 MCs, MC1 & MC2 in a cluster, where VIA VPN is being done to one of the MCs through an AP in the cluster. Here's a description of the problem:
1. VPN client connects successfully. I can see ipsec SA built successfully in the logs
2. VPN client disconnects itself constantly & rebuilds constantly, every few seconds.
Notes:
- Controllers clustered
- Client connected to AP2, A-AAC is MC2
- Client's A-UAC is MC2
- Client VPN opens successfully to MC1, but keeps getting torn down.
During testing, we created 2 VIA connection profiles, one for MC1 and one for MC2. We noticed that when:
- VIA VPN to MC2, Client's A-UAC is MC2, connection is stable. No disconnects.
- VIA VPN to MC1, client's A-UAC is MC2, constant disconnects.
So when the client's VIA VPN controller is different from its A-UAC, the disconnect issue is seen.
In the errorlog, we see the following log repeatedly:
datapath-userrem(ipv4/L2) failed: mac=00:00:00:00:00:00 IP=172.16.10.50, action=0x8001
Thoughts?