Guest

Preview Tool

Cisco Bug: CSCum78260 - GETVPN: GM invalid SPI recovery still trigger after refresh rekey

Last Modified

Aug 14, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

15.4(1)T3.1 15.4(1.16)S0.10 15.4(1.16)S0.12 15.4(1.16)S0.5 15.4(1.24)T0.1 15.4(2.13)S 15.4(2.2)T 15.4(2.5)S 15.4(2.9)S

Description (partial)

Symptom:
When GM detects an invalid SPI generated by the group, it will schedule a invalid SPI recovery registration to happen at a later time to refresh its policy/keys. If a GM receive a KS refresh rekey before the recovery registration happen, the GM is supposed to cancel the recovery registration. Due to this defect, the recovery registration is still happening which is unnecessary.

Conditions:
Issue is only seen if GM receive a refresh rekey before the recovery registration is triggered
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.