I have DMVPN network and everything work well.
When connection from ISP to spoke down and then up I receive this massage:
CRYPTO-4-IKMP_NO_SA: IKE message from [IP_address] has no SA and is not an initialization offer
and no traffic from spoke.
I have ssh from hub and when clear crypto sa and clear crypto iskmp sa and reload router everything ok.
I find this on site:
%CRYPTO-4-IKMP_NO_SA : IKE message from [IP_address] has no SA and is not an initialization offer
Explanation IKE maintains the current state for a communication in the form of security associations. No security association exists for the specified packet, and it is not an initial offer from the peer to establish one. This situation could indicate a denial-of-service attack.
Recommended Action Contact the remote peer and the administrator of the remote peer.
But this is no Dos attack.
Can you help me
Thanks in advance