Guest

Preview Tool

Cisco Bug: CSCtc45487 - Dynamic VTI IKE stuck in MM with failures

Last Modified

Feb 01, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

12.4(15)T9

Description (partial)

Symptoms: On a random set of dVTI spokes, IPSec tunnels get randomly stuck. 
The tunnel interface on the spoke(s) goes down (administratively UP, line 
protocol DOWN). Traffic does not pass anymore although the crypto socket 
shows  "UP", crypto is up, and all looks ok, except for the line protocol is  
down. 
 
The matching virtual-access on the hub stays up. The crypto is still up and
running (DPD is working and even rekey). 
 
Conditions: The symptom is observed with the following conditions: 
 
 - (dVTI) terminating a large set of tunnels.
 - IPSec tunnel protection.
 - Cisco IOS Release 12.4(15)T9.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.