Symptom

No new IKEv2 connections are possible and ASA reload is required. Error seen: "unable to open aaa session: session limit [2048] reached" "ikev2 SA DOWN. Reason:local failure-"

Conditions

ASA multicontext IKEv2 L2L VPNs Peers on LTE - disconnecting frequently

Workaround

None - reload ASA. Proactively monitor the following output and plan a reload before reaches 0: debug menu aaa 62 FREE AUTH HANDLE STATS Available Sessions: 2048 Max Session Cap: 2048 Free List Count: 1186 <--- decreases Free List Head: 1472 Free List Tail: 1468

Further Problem Description