AWS Security ChangesHomeSearch

AWS vpn documentation change

Service: vpn · 2025-05-01 · Documentation low

File: vpn/latest/s2svpn/Cisco_ASA_Troubleshooting.md

Summary

Added troubleshooting section for bouncing tunnel interfaces on Cisco ASA devices to resolve connectivity issues

Security assessment

The change adds procedural steps to restart tunnel interfaces for connectivity recovery. There is no mention of security vulnerabilities, exploits, or security feature enhancements. This is a standard operational troubleshooting step.

Diff

diff --git a/vpn/latest/s2svpn/Cisco_ASA_Troubleshooting.md b/vpn/latest/s2svpn/Cisco_ASA_Troubleshooting.md
index 6776a817c..d8fb25df6 100644
--- a//vpn/latest/s2svpn/Cisco_ASA_Troubleshooting.md
+++ b//vpn/latest/s2svpn/Cisco_ASA_Troubleshooting.md
@@ -5 +5 @@
-IKEIPsecRouting
+IKEIPsecRoutingBounce the tunnel interface
@@ -164,0 +165,21 @@ If this reaches the Amazon router, then check the static routes that you added i
+## Bounce the tunnel interface
+
+If the tunnel appears to be up but traffic isn't flowing properly, bouncing (disabling and re-enabling) the tunnel interface can often resolve connectivity issues. To bounce the tunnel interface on a Cisco ASA:
+
+  1. Run the following:
+    
+        ciscoasa# conf t
+    ciscoasa(config)# interface tunnel X  (where X is your tunnel ID)
+    ciscoasa(config-if)# shutdown
+    ciscoasa(config-if)# no shutdown
+    ciscoasa(config-if)# end
+
+Alternately you can use a single-line command: 
+    
+        ciscoasa# conf t ; interface tunnel X ; shutdown ; no shutdown ; end
+
+  2. After bouncing the interface, check if the VPN connection has been re-established and if traffic is now flowing correctly..
+
+
+
+