Preview Tool

Cisco Bug: CSCuq88419 - GETVPN Suite-B: Adding permit to KS ACL, wrong policy on GM & Sec KS

Last Modified

Oct 14, 2019

Products (108)

  • Cisco IOS
  • Cisco 888W Integrated Services Router
  • Cisco 812 CiFi Integrated Services Router
  • Cisco ASR 901-6CZ-F-D Router
  • Cisco 886VA-CUBE Integrated Services Router
  • Cisco 2951 Integrated Services Router
  • Cisco C897VA Integrated Services Router
  • Cisco 886VAG 3G Integrated Services Router
  • Cisco 892W Integrated Services Router
  • Cisco C892FSP Integrated Services Router
View all products in Bug Search Tool Login Required

Known Affected Releases

15.5(1)S 15.5(1)T

Description (partial)

A GETVPN Suite-B Group Member (GM) has a differently ordered Downloaded ACL than is configured on the Key Server (KS) after adding permits to the ACL and issuing a rekey. Also, the Secondary KS "show crypto gdoi ks policy" output for TEK SPI + Selector does not match the Primary KS with the same conditions.

GETVPN Suite-B is configured and an ACL change is performed on the Key Server (KS) such that permits are added to the top or middle of the ACL, followed by a policy replacement rekey (i.e. "crypto gdoi ks rekey").
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.