Preview Tool

Cisco Bug: CSCur65486 - GETVPN: Fail to delete GMs on sec-KS after 3 scheduled rekeys failure

Last Modified

Oct 14, 2019

Products (16)

  • Cisco IOS
  • Cisco ASR 901-6CZ-FS-D Router
  • Cisco ASR 901-6CZ-F-D Router
  • Cisco ASR 901-4C-FT-D Router
  • Cisco ASR 901S-4SG-F-D Router
  • Cisco ASR 901-6CZ-F-A Router
  • Cisco ASR 901S-2SG-F-D Router
  • Cisco ASR 901S-2SG-F-AH Router
  • Cisco ASR 901-6CZ-FT-A Router
  • Cisco ASR 901-12C-FT-D Router
View all products in Bug Search Tool Login Required

Known Affected Releases


Description (partial)

This problem happen when there are more than 2 COOP-KS running in the network. When KS send cast rekeys to GMs and if GMs fail to ACK back for 3 consecutive rekeys, the primaryKS is supposed to delete the GM from its database and notify all COOP-KS(s) to also delete the GMs. But due to software error in KS, this notification only works for the first secondaryKS configured on the primaryKS. If there are more than 1 secondaryKS(s) configured on the primaryKS, it will fail to notify the second, third... secondaryKS

When running COOP-KS with more than 2 Keyserver
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.