Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
544
Views
0
Helpful
3
Replies

Is there a way to see when that last VPN tunnel was created?

gmgarrian
Level 4
Level 4

‎08-22-2011 08:02 AM - edited ‎03-11-2019 02:15 PM

I have a possible routing issue on a WAN link and I have an ASA on a separate link for backup VPN.  I suspect that the WAN side is having problems and the VPN is kicking in momentarily.   Can anyone help with what commands I need to run so see when the last VPN tunnel was created?  If the main WAN link is stable the VPN should not connect, so knowing if/when the last tunnel was brought up would help with ths problem diagnosis.

Thanks!

Labels:
0 Helpful
3 Replies 3

varrao
Level 10
Level 10

‎08-22-2011 08:29 AM

Well I am not really sure about it, but if you have debugs enabled on the ASA (debug crypto isakmp 127 and debug crupto ipsec 127) then you should be able to atleast know when the ast time the tunnel was esatblished in the syslog server. You can give it a try and check.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

gmgarrian
Level 4
Level 4
In response to varrao

‎08-22-2011 09:10 AM

Right now I'm pretty much limited to show commands.  I suppose I could clear the counters and view those stats after an event.

0 Helpful

varrao
Level 10
Level 10
In response to gmgarrian

‎08-22-2011 09:23 AM

Yup, thats right, but show crypto ipsec sa and show vpn-sessiondb should help in it.

-Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card