01-15-2015 08:54 AM
I have the following Vyatta code:
vyatta@tscvyatta:~$ show ver
Description: Brocade Vyatta 5415 vRouter 6.6 R6
A Cisco is at the remote side of the VPN and is configured with the statement:
crypto isakmp invalid-spi-recovery
This command allows you to configure your router so that when an invalid security parameter index error (shown as “Invalid SPI”) occurs, an IKE SA is initiated. The “IKE” module, which serves as a checkpoint in the IPSec session, recognizes the “Invalid SPI” situation. The IKE module then sends an “Invalid Error” message to the packet-receiving peer so that synchronization of the security association databases (SADBs) of the two peers can be attempted. As soon as the SADBs are resynchronized, packets are no longer dropped.
Is there a corresponding parameter on the Vyatta which can be configured?