Cisco Bug: CSCvv43190 - Crypto engine errors when GRE header protocol field doesn't match protocol field in inner ip header
Aug 27, 2020
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: Crypto engine errors when protocol field in the GRE header doesn't match protocol field in inner ip header. We see the following errors: <164>Aug 12 2020 10:49:55: %ASA-4-402126: CRYPTO: The ASA created Crypto Archive File < disk0:/crypto_archive/crypto_eng1_arch_2.bin > as a Soft Reset was necessary. Please forward this archived information to Cisco <164>Aug 12 2020 10:27:29: %ASA-4-402124: CRYPTO: The ASA-SM2 hardware accelerator encountered an error (HWErrAddr= 0x82143A3A, Core= 0, HwErrCode= 49, Queue= IPsec (0), IstatReg= 0x00100001, Station= 2, CoreRptr= 0x0A5F91EA, CoreConfig= 0x80491209, SWReset= 28) Conditions: Issue is observed only when IPSec is configured on these devices.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases