experiencing remote vpn subnets partially inaccessible on a couple different xg105w's for site to site vpn connections with the same cisco asa5520 after updating from SFOS 16.05.8 MR-8 to SFOS 17.0.0 GA. ipsec connections page will show yellow status for the connection when this happens. connections are main mode rekeying allowed with phase1 & phase2 aes256 / sha1 + dh5 (working on encryption upgrade) dpd disabled. Power cycling xg may resolve the issue for a very short time and then it recurs indefinitely. screenshots below are from vpn >> ipsec connections >> name >> connection detail. I took the easy way out due to time constraints and rolled firmware back to 16 which clears up the problem and retains good status on all the subnet mappings.
This thread was automatically locked due to age.