Guest

Preview Tool

Cisco Bug: CSCtb39756 - GETVPN KS assuming primary role removes old TEK after Primary KS Reload

Last Modified

Jan 24, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

12.4(20)T3

Description (partial)

Symptoms: New GM is not able to communicate to existing GMs.
 
 Conditions: The symptom is observed under the following conditions:
 
 1. Primary keyserver reloads.
 2. Secondary keyserver takes over role as primary and removes the old TEK and
 creates a new TEK2.
 3. During the period where the existing GMs have both old and new TEK keys, 
any new GM that registers will only get the new TEK. This new GM will not be 
able to communicate to the existing GMs until the old TEK expires.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.