A company is experiencing intermittent connectivity issues between two branch offices connected via an IPSec tunnel. Users report that they can access resources for a few minutes, then lose connectivity, and after a short time it comes back. Which troubleshooting step should be taken first?
Trap 1: Check the traffic logs for any denial events
While logs can show drops, the intermittent pattern points to tunnel rekey issues, not policy denies.
Trap 2: Reboot the firewall to clear any stale sessions
Rebooting is disruptive and rarely resolves an intermittent rekey issue.
Trap 3: Verify the routing table on both firewalls
Routing is likely static; intermittent loss is not typical of a routing problem.
- A
Check the traffic logs for any denial events
Why wrong: While logs can show drops, the intermittent pattern points to tunnel rekey issues, not policy denies.
- B
Check the IPSec tunnel status and IKE/IPSEC SA rekey timers
Intermittent connectivity every few minutes often indicates a mismatch in SA lifetime or rekey failure.
- C
Reboot the firewall to clear any stale sessions
Why wrong: Rebooting is disruptive and rarely resolves an intermittent rekey issue.
- D
Verify the routing table on both firewalls
Why wrong: Routing is likely static; intermittent loss is not typical of a routing problem.