error message in PIX
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-19-2004 05:56 AM - edited 02-20-2020 11:45 PM
Hi
I am getting the error message on my PIX firewall.
%PIX-4-402101: decaps: rec'd IPSEC packet has invalid spi for destaddr=ip-addr, prot=protocol, spi=spi
Can anybody help me how to resolve the isuue.
- Labels:
-
Other Network Security Topics
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-19-2004 06:21 AM
Error Message
%PIX-4-402101: decaps: rec'd IPSEC packet has invalid spi for
destaddr= dest_address, prot= protocol, spi= number
Explanation
Received IPSec packet specifies a Security Parameters Index (SPI) that does not exist in
SADB. This may be a temporary condition due to slight differences in aging of SAs between the
IPSec peers, or it may be because the local SAs have been cleared. It may also be because of incorrect
packets sent by the IPSec peer. This may also be an attack.
Recommended Action
The peer may not acknowledge that the local SAs have been cleared.
If a new connection is established from the local router, the two peers may then reestablish successfully.
Otherwise, if the problem occurs for more than a brief period, either attempt to establish a new
connection or contact the peer's administrator.
