Preview Tool

Cisco Bug: CSCvv23306 - IOS-XE ipsec EULA prompt may block crypto process indefinitely

Last Modified

Aug 31, 2020

Products (1)

  • Cisco ASR 1000 Series Aggregation Services Routers

Known Affected Releases


Description (partial)

IPSec EULA prompt may block crypto process indefinitely preventing features such as "tunnel protection" to work.

When the tunnel protection is applied no crypto debugs (debug crypto isakmp/ikev2) will be seen. Also in "show ip socket" we will not see the device listening on ports udp/500 and udp/4500.

The "show license detail" for ipsec license will show "Active, Not in Use".

The process will get stuck if the console session is terminated (closed) at ipsec EULA yes/no prompt. The prompt gets displayed on console when tunnel protection is applied for the first time.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.