04-21-2021 10:52 AM
Using show crypto ipsec sa we can get SPI, transform algorithms and etc, but it doesn't show ESP encryption keys.
Is there is a way to get it?
For instance, FortiGate has diagnose VPN tunnel list command which allows it.
04-21-2021 06:43 PM
hi,
different vendors have their proprietary way of implementing technology.
what platform or device is this for?
i checked it's not supported in ASA. i tried different 'show crypto ipsec sa' syntax/output but none showed the IKE phase 2 key.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community