Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Urgent: pkts no sa (send): 95815

Hello All,

I have a VPN tunnel that has been working fine for months, last week it stoped processing data, i bounced the tunnel and it came back online. then again today it has happened again, this time i can see that the packets are encapsulation but not encrypting and my TX count is not increasing.

Capture taken once issue started:

#pkts encaps: 13036591, #pkts encrypt: 12943510, #pkts digest: 12943510

      #pkts decaps: 6932365, #pkts decrypt: 6932365, #pkts verify: 6932365

      #pkts compressed: 0, #pkts decompressed: 0

      #pkts not compressed: 13036591, #pkts comp failed: 0, #pkts decomp failed: 0

      #pre-frag successes: 3, #pre-frag failures: 0, #fragments created: 6

      #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 9

      #pkts no sa (send): 93084, #pkts invalid sa (rcv): 0

      #pkts encaps failed (send): 0, #pkts decaps failed (rcv): 0

      #pkts invalid prot (rcv): 0, #pkts verify failed: 0

      #pkts invalid identity (rcv): 0, #pkts invalid len (rcv): 0

      #pkts invalid pad (rcv): 0,

      #pkts invalid ip version (rcv): 0,

      #pkts replay rollover (send): 0, #pkts replay rollover (rcv): 0

      #pkts replay failed (rcv): 0

      #pkts min mtu frag failed (send): 0, #pkts bad frag offset (rcv): 0

      #pkts internal err (send): 0, #pkts internal err (rcv): 0

Taken 10 minutes later:

#pkts encaps: 13056774, #pkts encrypt: 12943510, #pkts digest: 12943510

      #pkts decaps: 6952419, #pkts decrypt: 6952419, #pkts verify: 6952419

      #pkts compressed: 0, #pkts decompressed: 0

      #pkts not compressed: 13056774, #pkts comp failed: 0, #pkts decomp failed: 0

      #pre-frag successes: 3, #pre-frag failures: 0, #fragments created: 6

      #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 9

      #pkts no sa (send): 113267, #pkts invalid sa (rcv): 0

      #pkts encaps failed (send): 0, #pkts decaps failed (rcv): 0

      #pkts invalid prot (rcv): 0, #pkts verify failed: 0

      #pkts invalid identity (rcv): 0, #pkts invalid len (rcv): 0

      #pkts invalid pad (rcv): 0,

      #pkts invalid ip version (rcv): 0,

      #pkts replay rollover (send): 0, #pkts replay rollover (rcv): 0

      #pkts replay failed (rcv): 0

      #pkts min mtu frag failed (send): 0, #pkts bad frag offset (rcv): 0

      #pkts internal err (send): 0, #pkts internal err (rcv): 0

Thank you,

Brad

Everyone's tags (3)
1 REPLY
New Member

Urgent: pkts no sa (send): 95815

The tunnel refreshed after the the keys refreshed and brought it back online. still unsure why it did what it did.

Btw, i have two different sa's on the same tunnel one of the sa's is fine and never failed the other sa is the one having issues.

any insight would be appreciated,

Regards,

Brad

1357
Views
0
Helpful
1
Replies
CreatePlease to create content