Telnet issue with error message "%SEC-4-TOOMANY : Box secured, too many options on internal packet"

Unanswered Question
Jan 28th, 2010

Hi All,

I had issue on telnet.

Recently, I have replaced an old module WS-X6408A-GBIC with new module WS-X6724-SFP for C6505-E core switch.

After replacing, siter FM tried to telnet to remote core switch, but failed with error message as below:

%SEC-4-TOOMANY : Box secured, too many options on internal packet

Then I tried to telnet locally, the same error message came out.

The only configurations that I did are to assign some port of the new module to correct vlan.

The information I searched from internet is:

%SEC-4-TOOMANY : Box secured, too many options on internal packet

Explanation :  The system was not able to process the packet because there was not enough room for all of the desired IP header options.

                    The packet has been discarded.

Recommended Action :  Change the configuration so that fewer IP header options are stored.

But I have no idea where to start to troubleshoot.
Please help.

Thanks.

Regards,

laputaxyf

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Mohamad Qayoom Wed, 02/17/2010 - 13:50

laputaxyf,

Have you tried to console into the switch?

If you can console into the switch, check the CPU utilization byt using "sh process cpu sorted."

Thanks,

Mohamad

Ganesh Hariharan Thu, 02/18/2010 - 00:13

Hi All,

I had issue on telnet.

Recently, I have replaced an old module WS-X6408A-GBIC with new module WS-X6724-SFP for C6505-E core switch.

After replacing, siter FM tried to telnet to remote core switch, but failed with error message as below:

%SEC-4-TOOMANY : Box secured, too many options on internal packet

Then I tried to telnet locally, the same error message came out.

The only configurations that I did are to assign some port of the new module to correct vlan.

The information I searched from internet is:

%SEC-4-TOOMANY : Box secured, too many options on internal packet

Explanation :  The system was not able to process the packet because there was not enough room for all of the desired IP header options.

                    The packet has been discarded.

Recommended Action :  Change the configuration so that fewer IP header options are stored.

But I have no idea where to start to troubleshoot.
Please help.

Thanks.

Regards,

laputaxyf

Hi laputaxyf,

As per the error cisco says the below information

%SEC-4-TOOMANY:   Box secured, too many options on internal packet

The system was not able to process the packet because there was not enough room for all of the desired IP header options. The packet has been discarded.

Recommended Action: Change the configuration so that fewer IP header options are stored.

and there is No specific documents apply to this error message.

can you post your configuration of your box.

Ganesh.H
Yi Fan XU Thu, 02/18/2010 - 00:54

Hi All,

I have checked.

This issue is a known IOS bug.

To solve the problem, either upgrade the IOS or remove the ip security commands.

Anyway, thanks for the help and information.

Regards,

laputaxyf

Actions

This Discussion

Related Content