'VPN Tunnel Status not found' error for the L2VPN Session

Article ID: 400401

Products

VMware NSX

Issue/Introduction

- The L2VPN session is in the Failed state. Clicking the information icon shows the Tunnel Status as: VPN Tunnel Status not found

- On the Errors tab we can see the following:

- When the VPN is set up with a completely different Local Endpoint IP it works fine; it fails only with this specific endpoint IP.

- Logs from the NSX Manager show an overlap of a logical router port with the local endpoint:

/var/log/syslog:

2025-05-30T17:16:33.344Z INFO http-nio-127.0.0.1-7440-exec-73 PolicyVpnIPSecVpnFacadeImpl 70517 POLICY [nsx@6876 comp="nsx-manager" level="INFO" reqId="######-#######-#########" subcomp="manager" username=""] IPSecVpnSession with id d######-#######-######### created / updated

2025-05-30T17:16:34.048Z ERROR providerTaskExecutor-25 IPSecVPNLocalEndpointServiceImpl 70500 VPN [nsx@6876 comp="nsx-manager" errorCode="MP110000" level="ERROR" subcomp="manager"] Errors {"moduleName":"VPN","errorCode":110114,"errorMessage":"Local Endpoint IP #.#.#.# overlaps with logical router port(s) [infra-######-#######-#########-dlrp] subnets."} in IPSecVPNLocalEndpoint config IpSecVpnLocalEndpointConfig/######-#######-#########

2025-05-30T17:16:34.048Z WARN providerTaskExecutor-25 IPSecVpnCoreBaseProvider 70500 POLICY [nsx@6876 comp="nsx-manager" level="WARNING" subcomp="manager"] IPSecVpnLocalEndpoint /infra/tier-1s/######-#######-#########/ipsec-vpn-services/######-#######-#########/local-endpoints/######-#######-######### Realization failed Error com.vmware.nsx.management.vpn.common.exception.VPNException: Found errors in the request. Please refer to the related errors for details.

2025-05-30T17:16:34.048Z ERROR providerTaskExecutor-25 PolicyProviderUtil 70500 POLICY [nsx@6876 comp="nsx-manager" errorCode="PM500015" level="ERROR" subcomp="manager"] Unexpected exception received during provider invocation.
com.vmware.nsx.management.vpn.common.exception.VPNException: null
        at com.vmware.nsx.management.vpn.ipsec.service.impl.IPSecVPNLocalEndpointServiceImpl.validateConfig(IPSecVPNLocalEndpointServiceImpl.java:357) ~[?:?]
        at com.vmware.nsx.management.vpn.ipsec.service.impl.IPSecVPNLocalEndpointServiceImpl.createLocalEndpoint(IPSecVPNLocalEndpointServiceImpl.java:188) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor5201.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_372]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_372]
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344) ~[?:?]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:208) ~[?:?]
        at com.sun.proxy.$Proxy229.createLocalEndpoint(Unknown Source) ~[?:?]
        at com.vmware.nsx.management.policy.providers.vpn.ipsec.nsxt.IPSecVpnCoreProviderNsxT.createNsxTIPSecVPNLocalEndpoint(IPSecVpnCoreProviderNsxT.java:717) ~[?:?]
        at com.vmware.nsx.management.policy.providers.vpn.ipsec.nsxt.IPSecVpnCoreProviderNsxT.processLocalEndpointChange_aroundBody6(IPSecVpnCoreProviderNsxT.java:388) ~[?:?]


2025-05-30T17:16:34.066Z ERROR providerTaskExecutor-25 PolicyProviderUtil 70500 POLICY [nsx@6876 comp="nsx-manager" errorCode="PM0" level="ERROR" subcomp="manager"] Created alarm Alarm [policyPath=/infra/realized-state/enforcement-points/default/vpn/ipsec/services/NETWORK.######-#######-#########/local-endpoints/######-#######-#########/alarms/######-#######-#########, message=[error_code=110114, module_name=VPN, error_message='Local Endpoint IP #.#.#.# overlaps with logical router port(s) [infra-######-#######-#########-dlrp] subnets.'],errorId=PROVIDER_INVOCATION_FAILURE, path=null, apiError=error_code=110000, module_name=VPN, error_message='Found errors in the request. Please refer to the related errors for details.'
  related_errors=[
  error_code=110114,
module_name=VPN,
error_message='Local Endpoint IP #.#.#.# overlaps with logical router port(s) [infra-######-#######-#########-dlrp] subnets.'
  ], sourceSiteId=null].
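
The check these log lines support, as an added example (not part of the original article or of NSX tooling): a parser that pulls error 110114 out of NSX Manager syslog text and pairs it with the "Realization failed" line logged on the same thread. The sample lines are constructed from the format above; the IP, port name and object IDs in them are placeholders.

```python
import json
import re

# Constructed sample lines modelled on the log format above; the IP, port name
# and object IDs are placeholders, not values from the article.
SAMPLE_LOG = """\
2025-05-30T17:16:33.344Z INFO http-nio-127.0.0.1-7440-exec-73 PolicyVpnIPSecVpnFacadeImpl 70517 POLICY [nsx@6876 comp="nsx-manager" level="INFO" subcomp="manager"] IPSecVpnSession with id sess-0001 created / updated
2025-05-30T17:16:34.048Z ERROR providerTaskExecutor-25 IPSecVPNLocalEndpointServiceImpl 70500 VPN [nsx@6876 comp="nsx-manager" errorCode="MP110000" level="ERROR" subcomp="manager"] Errors {"moduleName":"VPN","errorCode":110114,"errorMessage":"Local Endpoint IP 192.0.2.10 overlaps with logical router port(s) [infra-t1-example-dlrp] subnets."} in IPSecVPNLocalEndpoint config IpSecVpnLocalEndpointConfig/le-0001
2025-05-30T17:16:34.048Z WARN providerTaskExecutor-25 IPSecVpnCoreBaseProvider 70500 POLICY [nsx@6876 comp="nsx-manager" level="WARNING" subcomp="manager"] IPSecVpnLocalEndpoint /infra/tier-1s/t1-example/ipsec-vpn-services/svc-0001/local-endpoints/le-0001 Realization failed Error com.vmware.nsx.management.vpn.common.exception.VPNException: Found errors in the request.
"""

HEADER = re.compile(r"^(?P<ts>\S+) (?P<level>[A-Z]+) (?P<thread>\S+) ")
OVERLAP = re.compile(r"Local Endpoint IP (?P<ip>\S+) overlaps with logical router "
                     r"port\(s\) \[(?P<ports>[^\]]*)\]")
REALIZE = re.compile(r"IPSecVpnLocalEndpoint (?P<path>/\S+) Realization failed")
OVERLAP_CODE = 110114  # error code shown in the article's log lines


def find_overlaps(text):
    """Return one dict per 110114 error, with the failed policy path if logged."""
    findings, by_thread = [], {}
    for line in text.splitlines():
        head = HEADER.match(line)
        if not head:
            continue  # stack-trace or continuation line
        start = line.find("Errors {")
        if start != -1:
            try:  # decode only the JSON object embedded after "Errors "
                err, _ = json.JSONDecoder().raw_decode(line, start + len("Errors "))
            except json.JSONDecodeError:
                continue
            m = OVERLAP.search(err.get("errorMessage", ""))
            if err.get("errorCode") == OVERLAP_CODE and m:
                hit = {"time": head["ts"], "ip": m["ip"],
                       "ports": [p.strip() for p in m["ports"].split(",")],
                       "endpoint_path": None}
                findings.append(hit)
                by_thread[head["thread"]] = hit
            continue
        m = REALIZE.search(line)
        pending = by_thread.get(head["thread"])
        if m and pending and pending["endpoint_path"] is None:
            pending["endpoint_path"] = m["path"]  # same thread: the endpoint that failed
    return findings


if __name__ == "__main__":
    for f in find_overlaps(SAMPLE_LOG):
        print(f)
```
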

Environment

VMware NSX

Cause

This is caused by a user error: the IP configured as the local endpoint is also configured on a test VM, which causes an overlap. This overlap is the reason for the "Realization failed" error. As a result, the L2VPN session is in the Failed state and the tunnel status shows: VPN Tunnel Status not found

Resolution

After the duplicate IP was removed from the test VM that was using the same Local Endpoint IP, the L2VPN session state shows Success and the tunnel status shows all the details.