You can view the L2VPN tunnel status and the reason for tunnel failure in both the vSphere Web Client and in the console of the L2VPN appliance.

Problem

The L2VPN tunnel between the client and the server is down.

Cause

On the L2VPN server side, the following generic failure message is displayed when the tunnel is down:

Not available. Please check L2VPN client and server system logs/cli for details.

On the L2VPN client side, the "SSL connect has failed" message is displayed when the tunnel is down for any of the following reasons:

  • Server address is incorrect.

  • L2VPN Edge server is unreachable or not responding.

  • Cipher or port number is misconfigured on the L2VPN server.

However, if the user ID or password is incorrect, or if the site is disabled from the server, the following message is displayed on the L2VPN client:

Authentication failed, try to log in again.

Solution

  1. Download the Tech Support Logs for the NSX Edge, and check the log files for any failure or error messages related to L2VPN.

    Typically, all the logs for the L2VPN server have the following format:

    {Date}NSX-edge-1-0l2vpn:[local0:info]INFO:{MESSAGE}

  2. If the tunnel is down due to a failure in the SSL connection between the client and server, resolve the problem using the following methods:
    • Check whether the server address, server port, and encryption algorithm are configured correctly.

    • Make sure that the standalone L2VPN Edge client has internet connectivity on the uplink port, and the L2VPN Edge server is reachable.

    • Make sure that port 443 is not blocked by the firewall.

  3. If the tunnel is down due to an authentication failure, correct the user name or password, and log in again.
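The client reports the same "SSL connect has failed" message for an incorrect server address, an unreachable server, a blocked port, and a cipher mismatch, so a staged probe from a host on the client's uplink network helps narrow down which one applies. The following is an added example, not VMware tooling: the function name `diagnose`, its parameters, and passing the cipher as an OpenSSL cipher name are assumptions.

```python
import socket
import ssl


def diagnose(host, port=443, cipher=None, timeout=5.0):
    """Probe an L2VPN server endpoint in stages.

    Returns (stage, detail); stage is 'resolve', 'tcp', 'tls' or 'ok'.
    """
    # Stage 1: an incorrect server address usually fails name resolution.
    try:
        sockaddr = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)[0][4]
    except socket.gaierror as exc:
        return "resolve", f"cannot resolve {host!r}: {exc}"

    # Stage 2: server unreachable, wrong port, or the port blocked by a firewall.
    try:
        sock = socket.create_connection(sockaddr[:2], timeout=timeout)
    except OSError as exc:
        return "tcp", f"cannot connect to {sockaddr[0]}:{port}: {exc}"

    # Stage 3: TLS handshake; a cipher mismatch or a non-TLS service fails here.
    with sock:
        try:
            ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
            # Probe only: no credentials or data are sent, so certificate
            # validation is skipped to isolate handshake and cipher problems.
            ctx.check_hostname = False
            ctx.verify_mode = ssl.CERT_NONE
            if cipher:
                # set_ciphers() only governs TLS 1.2 and earlier suites.
                ctx.maximum_version = ssl.TLSVersion.TLSv1_2
                ctx.set_ciphers(cipher)
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return "ok", f"{tls.version()} with {tls.cipher()[0]}"
        except (ssl.SSLError, OSError) as exc:
            return "tls", f"handshake failed: {exc}"


if __name__ == "__main__":
    # Constructed placeholder address; replace with the configured server address.
    print(diagnose("192.0.2.10", 443, timeout=3.0))
```

A `tcp` result points at reachability, the port number or the firewall; a `tls` result with a reachable port points at the encryption algorithm or at a service other than the L2VPN server listening on that port.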