Preview Tool

Cisco Bug: CSCsz53124 - IPSEC VPN interoperability issue when IPCOMP compression enabled

Last Modified

Jan 24, 2017

Products (3)

  • Cisco IOS
  • Cisco Prime Service Catalog 12.0
  • Cisco Unified MeetingPlace 8.5

Known Affected Releases

12.0 12.4T

Description (partial)


With IOS router, when ipcomp (ip compression) is enabled for ipsec vpn
transform set it may fail to interoperate with ASA or other third party
devices when the SPI used in the IPCOMP proposal payload  is 3 
or a value in the 1-255 range. 

The debugs will show: 
illegal SPI given for IPSec SA  proposal 1, protocol 4, SPI 3 


IP compression is used in the transform set for ipsec.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.