Cisco Bug: CSCtd47420 - GETVPN - CRYPTO-4-RECVD_PKT_NOT_IPSEC reported for pkt not matching flow
Feb 08, 2017
- Cisco IOS
Known Affected Releases
Symptom: With GETVPN, when a receiver receives an IPSec packet that doens't match anything in its SADB, the router would log a message like this: *Nov 25 19:28:57.607: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet. (ip) vrf/dest_addr= /192.168.14.2, src_addr= 192.168.13.2, prot= 50 Instead, the router should log a %CRYPTO-4-RECVD_PKT_INV_SPI message since the packet received is an IPSec packet. Conditions: This problem occurs when a GETVPN receiver receives an an IPSec packet that doens't match any SAs in its database.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases