Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
576
Views
0
Helpful
1
Replies

%VPN_HW-1-PACKET_ERROR

sur_babu
Level 1
Level 1

‎01-25-2006 09:36 AM - edited ‎03-03-2019 11:33 AM

Hi Guys,

Getting bugged by an irritant for the past few weeks. Cisco site doesn't seem to be of much help. The problem here is as follows.

"Jan 25 13:04:22.837: %VPN_HW-1-PACKET_ERROR: slot: 0 Packet Encryption/Decryption error, Invalid Packet:srcadr=x.x.x.x,dstadr=y.y.y.y.y,size=2352,hand

le=0x581E"

Now the thing is whenever this is happening the CPU load is shooting up to a high point og 99%. We have several VPN tunnels in our 2851, out of which x.x.x.x is one of vallid peer IP that is appearing against the error.

Searched the cisco site and hit upon CSCed31869/CSCeg52468/CSCeg15422/CSCdy41378. None seems to be affordable.

Anyone has faced this thing before? I know it's of cosmic nature and common in Ipsec but why does this only one Ip keeps on appearing and that too during high load? Any co relation. It appears--.router shootsup-->it goes off-->router is calm. Duration for this is 40-45 mins on an average.

Thanks In advance for the help

Best,

Surajit

1 person had this problem
Labels:
0 Helpful
1 Reply 1

fashour
Level 1
Level 1

‎10-19-2007 07:34 AM

It looks like the reason lies with reassembly of fragmented packets. Try this:

crypto ipsec df-bit clear

Also disable fast switching to allow the router to reassemble the packets an put them in order.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card