GetVPN GMs not finding KS via alternative interfaces.

Unanswered Question
Oct 22nd, 2009
User Badges:


The registration with the KS is ok during normal operation but when a topology change occurs, the GM is unable to start GDOI because the interface is down, for instance. The crypto map is applied to a second interface and we have reachability from loopback to loopback. The message I get is

%CRYPTO-4-GM_REGSTER_IF_DOWN: Can't start GDOI registeration as interface FastEthernet0/1 is down

If I remove the crypto map from the first interface, the whole process starts and I get registered right away. It does not run while the crypto map is on both interfaces.

Do you know what might be happening?

Thanks a lot!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ggalteroo Thu, 02/18/2010 - 10:41
User Badges:


A TAC case recently closed pointed to bug CSCtb13421. The release 12.4(15)T12 solved the problem.

Thanks again!


This Discussion