| Message Code | PIX-4-402114 |
| Severity | Warning |
| Description | IPSEC: Received an protocol packet (SPI=spi, sequence number= seq_num) from remote_IP to local_IP with an invalid SPI. protocol—IPSec protocol spi—IPSec Security Parameters Index seq_num—IPSec sequence number remote_IP—IP address of the remote endpoint of the tunnel username—Username associated with the IPSec tunnel local_IP—IP address of the local endpoint of the tunnel |
| Explanation | This message is displayed when an IPSec packet is received that specifies an SPI that does not exist in the SA database. This may be a temporary condition due to slight differences in aging of SAs between the IPSec peers, or it may be because the local SAs have been cleared. It may also indicate incorrect packets sent by the IPSec peer, which may be part of an attack. This message is rate limited to no more than one message every five seconds. |
| User Action | The peer may not acknowledge that the local SAs have been cleared. If a new connection is established from the local router, the two peers may then reestablish successfully. Otherwise, if the problem occurs for more than a brief period, either attempt to establish a new connection or contact the peer administrator. |
| Reference Links |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.