Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Strange IPSEC Error

First of all, thanks to everyone who will take the time to read this message. We have a fairly large VPN topology between our primary data center and various customer sites. One site has an 1841 running 12.4(24) Mainline that is logging a rather peculiar error message:

%CRYPTO-4-RECVD_PKT_MAC_ERR

This message is only being experienced at this one site and doesn't seem to be effecting VPN availability or performance. This is more a question out of curiosity than anything. The current findings using Cisco's Error Message Decoder is as follows:

"%CRYPTO-4-RECVD_PKT_MAC_ERR:

decrypt: mac verify failed for connection id=[dec]

MAC verify processing failed. This may be due to the use of the wrong key by either party during the MAC calculations. Some might consider this a hostile event."

Most others that have experienced this issue usually are able to find a resolution by disabling Fast Switching on the interface(s) involved. I'm curious if anyone else has experienced this issue in a similar deployment. I'm assuming "MAC calculations" in Cisco's description is referring to frame-based CRC values but I'm not receiving any inbound errors on the line. I'm also a little puzzled about the actual nature of this error, as it relates to IPSEC.

Any input would be greatly appreciated.

Thanks.

1 REPLY
Anonymous
N/A

Re: Strange IPSEC Error

This might be caused by the use of the wrong key by either party during the MAC calculations. Basically a VPN negotiation is taking place but the pre-shared key is not correct. If all your VPN tunnels are currently working fine then there is not much we could do about this error message since some one else is trying to create a VPN tunnel and your router is reporting that the information provided is not valid.

210
Views
0
Helpful
1
Replies
CreatePlease login to create content