When using the show vpn ipsec sa command the python script behind will error with KeyError exceptions when the following conditions are true.
- Suites containing GCM or CHACHA20_POLY1305 are used.
Circumstances here mean that a lookup for integ-alg key fail as it is not present in the object's dictionary keys.
- Suites containing CHACHA20_POLICY1305 are used
Circumstances here mean that a lookup for encr-keysize key fail as it is not present in the object's dictionary keys.
This issue can be mitigated by performing simple checks similar to the dh-group checks and formatting the output string appropriately on the response.