Last Modified: Nov 07, 2022
Known Affected Versions:
15.1.0, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 15.1.1, 15.1.2, 22.214.171.124, 15.1.3, 126.96.36.199, 15.1.4
Opened: Apr 08, 2021 Severity: 3-Major
A tmsh command which shows ipsec-sa instances can display the 32-bit SPI more than once for the same security association (SA) but in different tmm instances.
The duplicate SPI displayed is a cosmetic effect only.
Especially in the context of failover where Standby becomes Active, sometimes the same SA appears more than once when shown by a tmsh command, but in different tmms.
Fixed an issue with duplicate SA reporting when using the tmsh show net ipsec ipsec-sa command.