Error bring up a GRE tunnel

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Wed, 06/24/2009 - 18:59


I am not sure that this is cosmetic. The error indicates that your router received an ISAKMP message from its peer but the router does not have an SA that corresponds to it.

I have seen this error message when routers had established the IPSec and ISAKMP relationship (including SAs) and then one of the peers reboots. The peer who did not reboot continues to send ISAKMP packets but the router that did reboot no longer has an SA for that peer.

Is it possible that your router has recently rebooted when you see these messages?

Do the routers involved in this generally transmit traffic to each other successfully?

If it is still an active issue you might post the configs from both routers. It might also help to post the output from show crypto isakmp to display the SAs of both routers.




This Discussion