Cisco Bug: CSCvs45364 - vEdge - NAT Fail Lookup on return traffic through Standard IPSec Tunnel

Last Modified

May 14, 2020

Products (3)

  • Cisco IOS
  • Cisco vEdge Router Model
  • Cisco SD-WAN

Known Affected Releases

18.4, 19.2.1, 19.3

Description (partial)

Symptom:
Reply packets are getting dropped due to NAT lookup failure.
A PC on the service side does not receive any responses to ping echo requests.

Conditions:
vpn 0
 interface ipsec7
  ip address 7.7.7.1/30
  tunnel-source-interface ge0/0
  tunnel-destination      sunnyvale1-vpn.zscalerbeta.net
  ike
   version      2
   rekey        14400
   cipher-suite aes256-cbc-sha1
   group        2
   authentication-type
    pre-shared-key
     pre-shared-secret $8$ZS7zekQBhfBT3WWKRHv2kvecr+bgkATelmNlrxo0tV6bsm3oLyOnXrA2bFqUdDQz
     local-id         
   !
  !
  ipsec
   rekey                   3600
   replay-window           512
   cipher-suite            null-sha1
   perfect-forward-secrecy none
  !
  no shutdown
 !
!

vpn 1
 interface natpool1
  ip address 13.13.200.0/24
  nat
   static source-ip 8.8.8.8 translate-ip 13.13.200.2 outside
   no overload
  !
  no shutdown
 !
!