It seems to be only warning, but I would like to know how I can fix it.
When I enable debuging crypto subsystem I see the folowing message in the log:
"IPSEC(encapsulate): encaps area too small: moving to new buffer: idbtype 0, encaps_size 84, header size 36, avail 84"
Cisco 3640, c3640-ik8o3s-mz.122-6a.bin, 16F/64D