[c-nsp] CRYPTO-6-IKMP_MODE_FAILURE errors
Rodney Dunn
rodunn at cisco.com
Wed Sep 8 16:35:39 EDT 2004
The service shouldn't be on if it's not enabled.
This one was an implementation mistake and was fixed
via:
CSCea42064
Externally found enhancement defect: Resolved (R)
Crypto Error message when Crypto not configured
I'm working to get this ported over to 12.1E also.
Rodney
On Tue, Sep 07, 2004 at 07:21:36PM -0400, Jared Mauch wrote:
> On Tue, Sep 07, 2004 at 07:43:32AM -0600, Clinton Work wrote:
> > I have Cisco 7600s running IOS 12.1(13)Ex logging the following errors from
> > time to time. The
> > peer IPs all belong to random subscribers. I don't have any cypto/IPSEC
> > config on the 7600s.
> > Anybody else seen the following and found a way to suppress the error
> > messages?
> >
> > %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Main mode failed with peer at
> > x.x.x.x
> > %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer
> > at x.x.x.x
> > %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer
> > at x.x.x.x
> > %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer
> > at x.x.x.x
> > %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer
> > at x.x.x.x
>
> I wish cisco would add receive-acl, or have a way to disable
> these services.. very annoying.. mostly this is people scanning your
> routers.
>
> - jared
>
> --
> Jared Mauch | pgp key available via finger from jared at puck.nether.net
> clue++; | http://puck.nether.net/~jared/ My statements are only mine.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list