general query on vpn tunnel activity log

Question

Hey There,
we have vpn tunnel activity logs enabled on some of our vpn tunnels and the logging works fine for the most part
but while checking an issue we noticed that some tunnels have between 
6 to 10 minute gaps with no activity at all in the logs, just trying to figure out if this is normal behavior because of no requests or the tunnel being in some sort of idle state
The vpn itself is a single tunnel vpn with no acceleration enabled, it has static routing and DPD timeout  is 60 seconds  with an action set to none
if there anything else required please let me know
any info in regards to this would be of great help to us
Thanks in advance
Darren

Answer

Hi Darren,

This is interesting.  This "could" be the appropriate logging depending on the traffic that is sent (data transfer, phase1/2 messages, etc..).  It would be interesting to see if gaps are still seen with some sort of keepalives, such as on prem to EC2 ICMP or something similar.

Just for reference, this is what is captured in the VPN logs when this is enabled. [https://docs.aws.amazon.com/vpn/latest/s2svpn/log-contents.html](https://docs.aws.amazon.com/vpn/latest/s2svpn/log-contents.html)

general query on vpn tunnel activity log

相关内容