Unable to establish EIGRP neighbor through VTI

MarcusJ · ‎03-27-2025

I'm attempting to form an EIGRP neighborship between two routers using VTIs. I'm able to establish the tunnels and can ping the VTI destination IP addresses on both sides with the size up to 1446 and DF bit set. When I add the EIGRP statements, I can see "Side A" adjacency go up but it continuously sends update packets to the far end until it ultimately fails 16 times and retries. "Side B" adjacency never comes up.

On the other (Side B) router I'm getting a syslog message complaining of an HMAC error. I've checked the ipsec SA and the transform-set matches on both sides. The MTU on the VTIs are both 1400. Is this simply a bug on the far end or should I be looking at something else? The syslog error is below:

%IOSXE-3-PLATFORM: R0/0: cpp_cp: QFP:0.0 Thread:000 TS:00059272608795744648 %IPSEC-3-HMAC_ERROR: IPSec SA receives HMAC error, DP Handle 18,

I'm using this configuration on three other remote routers to the same "Side B" router and they all work.

balaji.bandi · ‎03-27-2025

what is the router model and IOS code running, is the same IOs working vs no working ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MarcusJ · ‎03-27-2025

@balaji.bandi The three working routers are all older routers running IOS 15.6. The Hub or "Side B" router, and the "Side A" router are both running IOS-XE 17.5.1a.

MHM Cisco World · ‎03-29-2025

Under eigrp use manual neighor instead of use network.

Also don't forget use no split horizon and no next hop self

MHM

balaji.bandi · ‎03-30-2025

I may be thinking this may be issue with IOS XE side for compatability,

post configurration exmaple

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help