Symptom
Traffic is dropped after getting the ISystemActivator Response from the MSRPC server with a Format Error message, if inspection is disabled and Pass used as action for MSRPC traffic the issue disappears.
Conditions
ISR4451 running 16.09.05
ZBF enabled with inspact action for MSRPC traffic
DMVPN configure
Workaround
1.- Bypass msrpc inspection:
parameter-map type inspect pmap
no application-inspect msrpc
class-map type inspect match-all cm-msrpc
match protocol msrpc
policy-map type inspect pm-bypass-msrpc-inspect
class cm-msrpc
inspect pmap
class default
drop
Further Problem Description
