Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1580
Views
0
Helpful
3
Replies

parameters of IPsec VPN tunnel

night-fury
Level 1
Level 1

‎03-15-2018 03:57 AM - edited ‎03-08-2019 02:16 PM

Hi,

I have an ASA which has a tunnel configured with one of the clients. now I need to verify what parameters have been defined for that tunnel via CLI or ASDM e.g.

 

Phase-1 (IKE)
Data Encryption Algorithm
Authentication (Data Integrity) Method
Diffie-Hellman Group
IKE Security Association lifetime in Second

 

Phase-2 (IPSec)        
Data Encryption Algorithm   
Perfect Forward Secrecy (PFS)        
Diffie-Hellman (DH) Group        
IPSec Security Association lifetime in Second

 

Any help would be much appreciated.

Labels:
0 Helpful
3 Replies 3

Deepak Kumar
VIP Alumni
VIP Alumni

‎03-15-2018 06:34 AM

Hi,

I hope this command will helpful to you.

 

show running-config crypto

 

 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

night-fury
Level 1
Level 1
In response to Deepak Kumar

‎03-16-2018 10:04 AM

:) i already checked that. however you dont get full parmaters. i was hoping to get something like sh isa sa detail which gives you parameters as below:

 

IKE Peer: X.x.x.x
Type: L2L Role: initiator
Rekey   : no  State   : MM_ACTIVE
Encrypt : 3des Hash: SHA
Auth: preshared   Lifetime: 28800

 

how to get such details for phase 2, or i am missing something. i am trying to clear the confusion as i get confused between phase 1 & 2.

0 Helpful

Rob Ingram
VIP
VIP
In response to night-fury

‎03-16-2018 10:14 AM

These commands will show you what has been configured for a VPN:

 

show run crypto ikev1
show run ipsec        
show run tunnel-group
show run access-list    
show run crypto map

 

 

0 Helpful
Top