Guest

Preview Tool

Cisco Bug: CSCuq22233 - ISM: Anti-replay drops with VTI and L2L on same interface

Last Modified

Jan 28, 2017

Products (100)

  • Cisco IOS
  • Cisco 892W Integrated Services Router
  • Cisco 886VA-CUBE Integrated Services Router
  • Cisco 812 CiFi Integrated Services Router
  • Cisco C897VA Integrated Services Router
  • Cisco 819 Hardened Integrated Services Router
  • Cisco 886VAG 3G Integrated Services Router
  • Cisco VG204XM Analog Voice Gateway
  • Cisco 861W Integrated Services Router
  • Cisco 2951 Integrated Services Router
View all products in Bug Search Tool Login Required

Known Affected Releases

15.2(4)M6 15.3(3)M3 15.3(3)M4 15.4(2)T2.1 15.4(3)

Description (partial)

Symptom:
Anti-replay drops with ISM with VTI and L2L tunnel on same WAN interface, and a specific configuration mentioned in the next section

Conditions:
All the below conditions are to be met to hit this bug:

1. VTI and L2L on the same WAN interface
2. ISM module used for encryption/decryption
3. One of the access-list entries on the WAN interface is for the ESP traffic for VTI tunnel, with a "log" keyword.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.