Guest

Preview Tool

Cisco Bug: CSCuj84219 - 15.2(4)M - %CRYPTO-6-IKMP_NO_ID_CERT_FQDN_MATCH warning on GETVPN KS

Last Modified

Apr 18, 2019

Products (1)

  • Cisco IOS

Known Affected Releases

15.2(4)M4.3

Description (partial)

Symptom:
Error messages shown on KS after SW upgrade to 15.2(4)M. Whenever a GM
with multiple GDOI groups registers, an error message is logged on the respective KS:
Oct  4 11:31:28.477 CEST: %CRYPTO-6-IKMP_NO_ID_CERT_FQDN_MATCH: ID of
ce-de-xxxxx.wan.domain.net (type 2) and certificate fqdn with ce-de-xxxxx

Conditions:
Multiple GDOI groups with different GETVPN local-addresses configured on GM. 
GM/KS are ISR G2 routers running on 15.2(4)M code.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.