Cisco Bug: CSCvv23306 - IOS-XE ipsec EULA prompt may block crypto process indefinitely
Aug 31, 2020
- Cisco ASR 1000 Series Aggregation Services Routers
Known Affected Releases
Symptom: IPSec EULA prompt may block crypto process indefinitely preventing features such as "tunnel protection" to work. When the tunnel protection is applied no crypto debugs (debug crypto isakmp/ikev2) will be seen. Also in "show ip socket" we will not see the device listening on ports udp/500 and udp/4500. The "show license detail" for ipsec license will show "Active, Not in Use". Conditions: The process will get stuck if the console session is terminated (closed) at ipsec EULA yes/no prompt. The prompt gets displayed on console when tunnel protection is applied for the first time.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases