Preview Tool

Cisco Bug: CSCtd47420 - GETVPN - CRYPTO-4-RECVD_PKT_NOT_IPSEC reported for pkt not matching flow

Last Modified

Feb 08, 2017

Products (1)

  • Cisco IOS

Known Affected Releases


Description (partial)

With GETVPN, when a receiver receives an IPSec packet that doens't match
anything in its SADB, the router would log a message like this:

*Nov 25 19:28:57.607: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an
IPSEC packet. (ip) vrf/dest_addr= /, src_addr=, prot= 50

Instead, the router should log a %CRYPTO-4-RECVD_PKT_INV_SPI message since 
the packet received is an IPSec packet.

This problem occurs when a GETVPN receiver receives an an IPSec packet that 
doens't match any SAs in its database.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.