Preview Tool

Cisco Bug: CSCta35728 - IPSec deletes wrong tunnel when peer has address change

Last Modified

Jan 27, 2017

Products (1)

  • Cisco IOS

Known Affected Releases


Description (partial)


When an IPSec remote peer has it's ip address changed on the crypto interface,
the IPSec 
tunnel established to the remote peer's new ip address could be torn down by
the local peer
incorrectly when DPD fails to the remote peer's old ip address. The subsequent
attempt from 
the remote peer will succeed.
This problem occurs in a dynamic crypto map scenario when there is an IP
address change on the peer, and if there is DPD enabled.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.