Preview Tool

Cisco Bug: CSCum78260 - GETVPN: GM invalid SPI recovery still trigger after refresh rekey

Last Modified

Aug 14, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

15.4(1)T3.1 15.4(1.16)S0.10 15.4(1.16)S0.12 15.4(1.16)S0.5 15.4(1.24)T0.1 15.4(2.13)S 15.4(2.2)T 15.4(2.5)S 15.4(2.9)S

Description (partial)

When GM detects an invalid SPI generated by the group, it will schedule a invalid SPI recovery registration to happen at a later time to refresh its policy/keys. If a GM receive a KS refresh rekey before the recovery registration happen, the GM is supposed to cancel the recovery registration. Due to this defect, the recovery registration is still happening which is unnecessary.

Issue is only seen if GM receive a refresh rekey before the recovery registration is triggered
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.