Guest

Preview Tool

Cisco Bug: CSCuq86382 - FLEXVPN IKEv2 auto reconnect | virtual-access | VRF lost | anyconnect

Last Modified

Mar 13, 2018

Products (1)

  • Cisco ASR 1000 Series Aggregation Services Routers

Known Affected Releases

15.4(3)S

Description (partial)

Symptom:
ASR/FLEXVPN
ANYCONNECT

Conditions:
On client side, AnyConnect is used. Pings are sent in the VPN during all the tests.

The reconnect feature is activated with timeout = 600

An outage is simulated by blackholing the trafic on an intermediate router: the source IP and the destination IP are sent to null 0. When doing this, the client starts the reconnect process and the PE brings the Virtual-Access interface after a short period.

If the connectivity is restored before the Vi interface goes down, the reconnect feature works fine.
If the connectivity is restored after the Vi interface goes down, the client reconnects but something is broken in the installation of the route into the VRF. As a result, the VPN is up but the client connectivity is still down.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.