Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

GetVPN GMs not finding KS via alternative interfaces.

Hello

The registration with the KS is ok during normal operation but when a topology change occurs, the GM is unable to start GDOI because the interface is down, for instance. The crypto map is applied to a second interface and we have reachability from loopback to loopback. The message I get is

%CRYPTO-4-GM_REGSTER_IF_DOWN: Can't start GDOI registeration as interface FastEthernet0/1 is down

If I remove the crypto map from the first interface, the whole process starts and I get registered right away. It does not run while the crypto map is on both interfaces.

Do you know what might be happening?

Thanks a lot!

Guido

2 REPLIES
Bronze

Re: GetVPN GMs not finding KS via alternative interfaces.

You are hitting the bug ID CSCtb26955.

New Member

Re: GetVPN GMs not finding KS via alternative interfaces.

Thanks!

A TAC case recently closed pointed to bug CSCtb13421. The release 12.4(15)T12 solved the problem.

Thanks again!

270
Views
0
Helpful
2
Replies