Guest

Preview Tool

Cisco Bug: CSCur11519 - C7200 - GETVPN-decryption stops after removing 2nd crypto map instance

Last Modified

Sep 14, 2019

Products (43)

  • Cisco 7200 Series Routers
  • Cisco VG224 Analog Voice Gateway
  • Cisco 1812 Integrated Services Router
  • Cisco AS5400XM Universal Gateway
  • Cisco 878 Integrated Services Router
  • Cisco Catalyst 6500 Series Communication Media Module
  • Cisco 1803 Integrated Services Router
  • Cisco 7206 Router
  • Cisco 7301 Router
  • Cisco AS5350XM Universal Gateway
View all products in Bug Search Tool Login Required

Known Affected Releases

12.4(15)T17 15.3(3)M3

Description (partial)

Symptom:
If we attach the same GDOI crypto map to two different WAN uplink sub-interfaces on a GETVPN GM based on the ISR G2 + ISM crypto module and then perform the steps listed below, we will observe that encryption stops.

Conditions:
C7200 + VSA engine installed

1. Shut down the secondary WAN to CE sub-interface on the CE side
2. Remove the crypto-map from the secondary WAN sub-interface
3. Encryption stops
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.