Guest

Preview Tool

Cisco Bug: CSCum39982 - IKEv1 IOS to ignore SPI == 0x0000 when SPI size==4 in Informational

Last Modified

Oct 05, 2016

Products (74)

  • Cisco IOS
  • Cisco VG204XM Analog Voice Gateway
  • Cisco C897VA Integrated Services Router
  • Cisco 886VA-CUBE Integrated Services Router
  • Cisco 2951 Integrated Services Router
  • Cisco 1905 Serial Integrated Services Router
  • Cisco 886VAG 3G Integrated Services Router
  • Cisco 861W Integrated Services Router
  • Cisco 881SRSTW Integrated Services Router
  • Cisco 888W Integrated Services Router
View all products in Bug Search Tool Login Required

Known Affected Releases

15.3(3)M

Description (partial)

Symptom:
StrongSwan 5.1.1 (current newest) while receiving invalid Proxy ID (which it does not expect) sends notify INVALID_ID_INFO with protocol id == 3, with empty SPI (0x0000) and without message_id in notification payload, IOS is removing all Phases 2 with that peer.

Conditions:
StrongSwan 5.1.1 and mismatch crypto ACL set up
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.