Preview Tool

Cisco Bug: CSCum84172 - DMVPN: Need to protect nodes from being triggered as behind NAT.

Last Modified

Dec 17, 2018

Products (17)

  • Cisco IOS
  • Cisco ME 3600X-24TS-M Switch
  • Cisco 7301 Router
  • Cisco 7206 Router
  • Cisco 7206VXR Router
  • Cisco 7204 Router
  • Cisco 7202 Router
  • Cisco 7600 Series Route Switch Processor 720 with Multilayer Switch Feature Card
  • Cisco ME 3600X-24FS-M Switch
  • Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks
View all products in Bug Search Tool Login Required

Known Affected Releases

15.0M 15.1T 15.2(4)S

Description (partial)

Incorrect NHRP mapping information for a hub can be propagate throughout the DMVPN network and cause data packet forwarding via a spoke-hub-spoke path even when a spoke-spoke direct path has been built and the sending nodes "thinks" it is sending on the direct path.

A DMVPN spoke node is mis-configured with the correct tunnel IP address, but the wrong NBMA address for a hub (hub1). In this case the incorrect NBMA address would be for a different hub (hub2).

Hub1 is configured to be both a hub and a spoke. I.e. it can be the end-point for spoke-spoke tunnels.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.