Cisco Bug: CSCtb64927 - VSA - after a while, some outbound SAs stop encrypting [TCAM mismatch]
Jan 30, 2017
- Cisco 7200 Series Routers
Known Affected Releases
Symptom: After some time (~ 24 hours and after a rekey), some of the VPN tunnels stop encrypting traffic. The encrypt counter for the IPSEC SA shows "0", while the decrypt counter shows increasing value. Conditions: - 7200 with VSA - large number of tunnels and SAs - tunnels terminated on a dynamic crypto map with a match statement.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases