Preview Tool

Cisco Bug: CSCtd36473 - IPsec: Outbound context may be deleted prematurely

Last Modified

Mar 06, 2018

Products (2)

  • Cisco ASA 5500-X Series Firewalls
  • Cisco ASA 5580 Adaptive Security Appliance

Known Affected Releases

8.0 8.2(2)

Description (partial)

Outbound encryption traffic in an IPsec tunnel may fail, even if inbound decryption traffic is working.
This issue has been observed on an IPsec connection after multiple rekeys, but the trigger condition is not clear. The presence of this issue can be established by checking the output of "show asp drop" and verifying that the Expired VPN context counter is increasing for each outbound packet sent.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.