Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
288
Views
0
Helpful
1
Replies

Syslog error from all ADSL 837's - what do they mean?

whiteford
Level 1
Level 1

‎03-17-2006 12:47 AM - edited ‎03-03-2019 12:05 PM

I keep getting the following error sform our ADSL 837 routers which LAN-to-LAN to our Cisco concentraor, these error rarley appear but have got worse the last few days.

3/16/2006 11:46 AM : 40: destaddr=89.137.100.100, prot=50, spi=0x5189CE04(1367985668), srcaddr=Cisco_Concentrators

3/16/2006 11:46 AM : CRYPTO-4-RECVD_PKT_INV_SPI 39: Mar 16 11:44:14.394: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for

3/16/2006 11:46 AM : CRYPTO-4-RECVD_PKT_MAC_ERR 95: *Apr 9 21:04:08.362: %CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=134219748

3/16/2006 11:47 AM : CRYPTO-4-RECVD_PKT_MAC_ERR 41: Mar 16 11:44:41.978: %CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=2044

3/16/2006 11:47 AM : CRYPTO-4-RECVD_PKT_INV_SPI 178: Mar 16 11:45:06.122 UTC: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for

Labels:
0 Helpful
1 Reply 1

spremkumar
Level 9
Level 9

‎03-17-2006 02:26 AM

Hi

do find the possible reasons ,recommendations and workaround to avoid these error logs..

%CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=134219748

%CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has invalid spi for destaddr=[IP_address], prot=[dec], spi=[hex]([int]), srcaddr=[IP_address]

An IPSec packet was received that specified an SPI that does not exist in the SADB. This may be a temporary condition because of slight differences in aging of SAs between the IPSec peers, or this condition might be caused by local SAs that have been cleared. This condition may also be caused by bogus packets that were sent by the IPSec peer. Under some circumstances this would be considered a hostile event.

Recommended Action: If the local SAs have been cleared, the peer may not be aware of this condition. In this case, if a new connection is established from the local router, the two peers may reestablish successfully. Otherwise, if the problem occurs for more than a brief period, either attempt to establish a new connection or contact the peer administrator.

%CRYPTO-4-RECVD_PKT_MAC_ERR: decrypt: mac verify failed for connection id=[dec]

The MAC verify processing failed. This might be caused by the use of the wrong key by either party during the MAC calculations. This activity could be considered a hostile event.

Recommended Action: Contact the peer administrator.

regds

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card