Cisco Bug: CSCta35728 - IPSec deletes wrong tunnel when peer has address change
Jan 27, 2017
- Cisco IOS
Known Affected Releases
Symptom: When an IPSec remote peer has it's ip address changed on the crypto interface, the IPSec tunnel established to the remote peer's new ip address could be torn down by the local peer incorrectly when DPD fails to the remote peer's old ip address. The subsequent attempt from the remote peer will succeed. Conditions: This problem occurs in a dynamic crypto map scenario when there is an IP address change on the peer, and if there is DPD enabled.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases