cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
13305
Views
0
Helpful
2
Replies

%CRYPTO-4-RECVD_PKT_INV_SPI:

SludnevTN_2
Level 1
Level 1

Everyday I have a lot of this messages:

9317: Apr 28 03:00:16.709: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=89.175.xx.xx, prot=50, spi=0x6D715B56(1836145494), srcaddr=77.236.xx.xx

Then Virtual Tunnel Interfaces begin to bounce UP-DOWN.

Sometimes they "hang".

1. What causes them?

2. How can I avoid them?

2 Replies 2

vmoopeung
Level 5
Level 5

A router that is running Cisco IOS Release 12.4(22)T and that is configured for L2L tunnels may intercept pass-thru UDP 4500 packets that are destined to internal client.

%CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=x.x.x.x, prot=50, spi=0xDD8DEB2(232316594), srcaddr=y.y.y.y.

Is logged on the at-fault router.

Conditions: The router that is running Cisco IOS Release 12.4(22)T is configured for IPsec. Internal IPsec client being NATed on router using nat-t.

Workaround: There is no workaround.

Thank you for your reply.

Does this means that some one inside LAN is trying to "vpn" somewhere?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: