Guest

Preview Tool

Cisco Bug: CSCvj16489 - Enabling IPSec Anti-Replay with SNS in an IPSec profile enables it globally.

Last Modified

Aug 10, 2018

Products (14)

  • Cisco IOS
  • Cisco 4221 Integrated Services Router
  • Cisco 4321 Integrated Services Router
  • Cisco ASR 1002-X Router
  • Cisco 4431 Integrated Services Router
  • Cisco 4331 Integrated Services Router
  • Cisco ASR 1001-X Router
  • Cisco 4351 Integrated Services Router
  • Cisco Cloud Services Router 1000V
  • Cisco ASR 1000 Series Route Processor (RP2)
View all products in Bug Search Tool Login Required

Known Affected Releases

Fuji-16.7.1

Description (partial)

Symptom:
After enabling IPSec Anti-Replay with SNS in an IPSec profile it is enabled globally.

R1(config)#crypto ipsec profile default
R1(ipsec-profile)#set security-association multi-sn
Warning: Existing sessions if any, might experience traffic drop due to SPI not found

R1(ipsec-profile)#do sh run | s crypto ipsec profile default
R1(ipsec-profile)#do sh run | i multi-sn
crypto ipsec security-association multi-sn
R1(ipsec-profile)#

Conditions:
Configuring IPSec Anti-Replay with SNS under an IPSec profile
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.