Cisco Bug: CSCum18091 - ENH: ikev2 cluster redirect payload have option of type FQDN {RFC 5685}

Last Modified

Oct 14, 2019

Products (1)

  • Cisco IOS

Known Affected Releases

15.4(3)

Description (partial)

Symptom:
This is an enhancement request.

The IOS IKEv2 VPN server in an IKEv2 cluster supports an IPv4 address in the redirect payload. As per RFC 5685, section "9.2. REDIRECT", "FQDN of the new VPN gateway" is a valid payload, and there should be an option to specify a redirect FQDN.

If an FQDN is not used, an "Untrusted certificate warning" will appear even if the gateway has a valid trusted certificate installed.

Conditions:
  • An FQDN is used to connect to the VIP address of the cluster.
  • A valid, trusted wildcard certificate is installed on the gateway, or the subject alternative name contains the FQDN equal to the physical IP address of the gateway.
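
The symptom above can be reproduced offline with a short added example (not Cisco code and not part of the bug record). It parses the RFC 5685 REDIRECT notification data for both an IPv4 and an FQDN gateway identity and checks each target against a wildcard certificate. It assumes the client validates the redirect target against the certificate's subject alternative names; the address, host names and nonce are constructed sample values.

```python
import ipaddress

# GW Ident Type values defined by RFC 5685 for the REDIRECT notification data
GW_IPV4, GW_IPV6, GW_FQDN = 1, 2, 3

def parse_redirect(data: bytes):
    """Return (kind, identity, nonce) from REDIRECT notification data."""
    if len(data) < 2:
        raise ValueError("truncated REDIRECT data")
    gw_type, gw_len = data[0], data[1]
    ident, nonce = data[2:2 + gw_len], data[2 + gw_len:]
    if len(ident) != gw_len:
        raise ValueError("GW Ident Len exceeds payload")
    if gw_type == GW_IPV4 and gw_len == 4:
        return "ip", str(ipaddress.IPv4Address(ident)), nonce
    if gw_type == GW_IPV6 and gw_len == 16:
        return "ip", str(ipaddress.IPv6Address(ident)), nonce
    if gw_type == GW_FQDN and gw_len > 0:
        return "dns", ident.decode("ascii").lower(), nonce
    raise ValueError(f"bad GW Ident Type/Len: {gw_type}/{gw_len}")

def dns_match(pattern: str, host: str) -> bool:
    """Match a SAN dNSName; '*' may stand for the leftmost label only."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    return len(p) == len(h) and p[1:] == h[1:] and p[0] in ("*", h[0])

def cert_covers(kind, identity, san_dns, san_ip) -> bool:
    """Assumed client check: does the certificate name the redirect target?"""
    if kind == "ip":
        return identity in san_ip
    return any(dns_match(p, identity) for p in san_dns)

# Constructed sample data: documentation address and example.com names.
NONCE = bytes(16)
BY_IP = bytes([GW_IPV4, 4]) + ipaddress.IPv4Address("192.0.2.11").packed + NONCE
NAME = b"gw2.vpn.example.com"
BY_FQDN = bytes([GW_FQDN, len(NAME)]) + NAME + NONCE
SAN_DNS, SAN_IP = ["*.vpn.example.com"], []   # wildcard cert, no IP SAN

if __name__ == "__main__":
    for label, raw in (("IPv4", BY_IP), ("FQDN", BY_FQDN)):
        kind, ident, _ = parse_redirect(raw)
        print(label, ident, "cert ok:", cert_covers(kind, ident, SAN_DNS, SAN_IP))
```

With the wildcard certificate, only the FQDN redirect yields a target the certificate covers; the IPv4 redirect would need the physical address listed as an IP subject alternative name.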