Guest

Preview Tool

Cisco Bug: CSCun83548 - conditional ikev2 debugging should properly handle IKE_CFG parsing

Last Modified

Nov 27, 2020

Products (2)

  • Cisco 2600 Series Multiservice Platforms
  • Cisco 2600 Series Multiservice Platforms

Known Affected Releases

15.4(1)T1

Description (partial)

Symptom:
Config-request - Config-reply - Config-set/ack  Debug messages are not filtered like it should when conditional ikev2 debugging is turned on. Theses messages coming from other peers will get printed in the syslog.  Example below:

*Mar 20 09:00:13.882: Config-type: Config-request
*Mar 20 09:00:13.882: Attrib type: ipv4-addr, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv4-netmask, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv4-dns, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv4-dns, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv4-nbns, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv4-nbns, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv4-subnet, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv6-dns, length: 0
*Mar 20 09:00:13.882: Attrib type: ipv6-subnet, length: 0
*Mar 20 09:00:13.882: Attrib type: app-version, length: 257, data: Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.4(1)T1, DEVELOPMENT TEST SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Wed 12-Feb-14 11:16 by prod_rel_team
*Mar 20 09:00:13.882: Attrib type: split-dns, length: 0
*Mar 20 09:00:13.882: Attrib type: banner, length: 0
*Mar 20 09:00:13.882: Attrib type: config-url, length: 0
*Mar 20 09:00:13.882: Attrib type: backup-gateway, length: 0
*Mar 20 09:00:13.882: Attrib type: def-domain, length: 0
*Mar 20 09:00:13.882: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to down
*Mar 20 09:00:13.883: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up
*Mar 20 09:00:13.889: Config-type: Config-reply
*Mar 20 09:00:13.889: Attrib type: ipv4-addr, length: 4, data: 10.1.1.3
*Mar 20 09:00:13.889: Attrib type: ipv4-subnet, length: 8, data: 10.0.0.1 255.255.255.255
*Mar 20 09:00:13.889: Attrib type: ipv4-subnet, length: 8, data: 0.0.0.0 0.0.0.0
*Mar 20 09:00:13.889: Attrib type: app-version, length: 257, data: Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.4(1)T1, DEVELOPMENT TEST SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Wed 12-Feb-14 11:16 by prod_rel_team
*Mar 20 09:00:13.889: Attrib type: banner, length: 9, data:  Welcome 
*Mar 20 09:00:13.889: Attrib type: def-domain, length: 10, data: cisco.com
*Mar 20 09:00:13.908: %IKEV2-5-SA_UP: SA UP

R1-HUB#
*Mar 20 09:00:13.952: Config-type: Config-set
*Mar 20 09:00:13.952: Attrib type: ipv4-subnet, length: 8, data: 10.1.1.3 255.255.255.255
*Mar 20 09:00:13.952: Attrib type: ipv4-subnet, length: 8, data: 192.168.103.0 255.255.255.0
*Mar 20 09:00:13.952: Attrib type: app-version, length: 257, data: Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.4(1)T1, DEVELOPMENT TEST SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Wed 12-Feb-14 11:16 by prod_rel_team
*Mar 20 09:00:13.952: Config-type: Config-ack
*Mar 20 09:00:13.952: Attrib type: ipv4-subnet, length: 0

Conditions:
Conditional debugging of ISR G2 or ASR1000 series Router terminating multiple ikev2 sessions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.