Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
13842
Views
6
Helpful
3
Replies

ASA IPsec VPN debug troubleshooting commands

preetpeethambaran
Level 1
Level 1

‎03-03-2018 12:50 AM - edited ‎03-12-2019 05:04 AM

In our network infrastructure, there are 11 IPsec site-to-site vpn tunnel configured in ASA firewall, of which one of the tunnel is not getting established.

 

Please share the debug troubleshooting commands, specific to that IPSec tunnel without impacting ASA performances in production environment.

Labels:
0 Helpful
3 Replies 3

Flavio Miranda
VIP
VIP

‎03-03-2018 05:45 AM

Hi

 Issue the command "show crypto isakmp sa"

 Share the output please.

 

 

-If I helped you somehow, please, rate it as useful.-

 

0 Helpful

Josue Brenes
Cisco Employee
Cisco Employee

‎03-03-2018 01:19 PM

Hi,
You can enable the debugging for that specific peer only.

Commands:
IKEv1:
debug crypto condition peer X.X.X.X
debug crypto ikev1 200
IKEv2:
debug crypto condition peer X.X.X.X
debug crypto ikev2 platform 100
debug crypto ikev2 protocol 100

Rate if it helps.

Regards,
Josue Brenes
TAC - VPN Engineer.

preetpeethambaran
Level 1
Level 1
In response to Josue Brenes

‎03-06-2018 04:45 PM

Thanks, now the tunnel is up.

0 Helpful
Customers Also Viewed These Support Documents