Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Orphaned entries in show crypto session summary output

Hello together,

we use a Cisco 2811 with IOS-Version 12.4(3a) and the Cisco VPN-Client Ver. 4.8.01 to connect our roadwarriors to our company network. Sometimes we have the folowing problem:

Maybe due to underlying network connection problems(umts-/gprs-interruption) the client disconnects, but nevertheless the output of the "show crypto session groups"-command displays one connection for this user. (We configured one group for every user.) But the "show crypto session detail"-command delivers no information about this client e.g. ip-adress. The User is not able to log in until an unspecified amount of time.

We configured the dead peer detection to solve the problem:

crypto isakmp keepalive 60 periodic

and the output of "debug crypto isakmp" attest that dpd works. But there are no "DPD/R_U_THERE"-messages between the client and the gateway. Everythings looks like the client isn't connected anymore besides the output of "show crypto session groups".

Any ideas?

Thanks for your help.

Regards, Stefan


Re: Orphaned entries in show crypto session summary output

It looks like bug to me, check this bug-id: CSCsb08423.