Strange IPSEC Error

Unanswered Question

First of all, thanks to everyone who will take the time to read this message. We have a fairly large VPN topology between our primary data center and various customer sites. One site has an 1841 running 12.4(24) Mainline that is logging a rather peculiar error message:

%CRYPTO-4-RECVD_PKT_MAC_ERR


This message is only being experienced at this one site and doesn't seem to be effecting VPN availability or performance. This is more a question out of curiosity than anything. The current findings using Cisco's Error Message Decoder is as follows:

"%CRYPTO-4-RECVD_PKT_MAC_ERR:

decrypt: mac verify failed for connection id=[dec]


MAC verify processing failed. This may be due to the use of the wrong key by either party during the MAC calculations. Some might consider this a hostile event."


Most others that have experienced this issue usually are able to find a resolution by disabling Fast Switching on the interface(s) involved. I'm curious if anyone else has experienced this issue in a similar deployment. I'm assuming "MAC calculations" in Cisco's description is referring to frame-based CRC values but I'm not receiving any inbound errors on the line. I'm also a little puzzled about the actual nature of this error, as it relates to IPSEC.


Any input would be greatly appreciated.

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Anonymous (not verified) Wed, 06/03/2009 - 18:35
User Badges:

This might be caused by the use of the wrong key by either party during the MAC calculations. Basically a VPN negotiation is taking place but the pre-shared key is not correct. If all your VPN tunnels are currently working fine then there is not much we could do about this error message since some one else is trying to create a VPN tunnel and your router is reporting that the information provided is not valid.


Actions

This Discussion