Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
765
Views
0
Helpful
1
Replies

critical sys log on router - IPSEC vpn

alanc3141592654
Level 1
Level 1

‎08-23-2009 06:04 PM - edited ‎03-04-2019 05:49 AM

Hey Guys,

I keep getting the below system on one of our wan routers that terminates a vpn tunnel.

Aug 19 11:29:13.553 AEST: %VPN_HW-1-PACKET_ERROR: slot: 0 Packet Encryption/Decryption error, Output Authentication error:srcadr=x.x.x.x,dstadr=x.x.x.x,size=1376,handle=0x58E9

we have 1841 with ios version 12.4(13r)T

I found the 2 cisco bugs,

- CSCee43714

- CSCeg52468

But our ios does not seem to be affected.

I've also checked the security-Association information which is the same on both routers.

Does anyone have any ideas or suggestions?

Thanks,

Alan

Labels:
0 Helpful
1 Reply 1

gmarogi
Level 5
Level 5

‎08-28-2009 11:31 AM

This is a notification message seen on the console of the decrypting peer that tells the user that IPSec packets have been received out of order.

I think 'Output Authentication' may be indicating ICV value mismatch and packet corruption.

Verify the cause of the problem by disabling the cef switching by issuing these commands:

(conf)# no ip cef

(conf-if)# no ip route-cache

(conf-if# no ip mroute-cache

For a workaround, issue these commands:

Change tcp adjust-mss on interfaces

Change crypto ipsec df-bit

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card