Cisco Bug: CSCsz52638 - DGVPN - transit ESP traffic blocked
Feb 02, 2017
- Cisco ASR 1000 Series Aggregation Services Routers
Known Affected Releases
Symptoms: Transit IPsec traffic is dropped on GM GETVPN. Conditions: The symptoms are observed under the following conditions: 1. A Cisco ASR series router 2. GDOI policy defined to not perform double encryption. 3. R1 connects to R2[GM], connects to R3[GM], connects to R4. (R2 and R3 are two group members of a GETVPN networks.) The GDOI policy is: Deny R1=>R4; Deny R4=>R1; Permit any any.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases