07-23-2004 06:47 AM - edited 02-20-2020 11:31 PM
Hi,
We have a cisco 7100 series router with VPN capability running Version 12.2(13)T5.We have a number of site-site tunnels terminated on this.
We use the command ,
"show crypto isakmp sa" to check whether a particular tunnel is up or not.Sometimes we dont see an entry for any specific site-site tunnel using this command,but we could see the packets getting encrypted through this tunnel using the command,
"show crypto ipsec sa" and the connectivity is also fine.
Can anyone pls let me know why it is not showing the tunnel status even when the connectivity is ok and let me know the exact command to see whether a tunnel is up or down.
Thanks..
07-29-2004 06:06 AM
The best way to check if the tunnel is up is to use the trace command. Instead of giving you all the intermediate hops, you will be able to see only the first and last hop.
08-04-2004 01:36 AM
Hi
I just got to c u r mail ,hope this command show crypto engine connections active helps a bit which will display the active connections details with encrypted/decrypted packet counters..
regs
prem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide