Cisco 7140 IPSec problem

leung_wilson · ‎10-21-2002

My 7120 kis getting cert and operating well with Entrust CA and Injoin. I have problems with 7140. I have the exact same setup and IOS (12.2) for both. When I ran show cry eng conf on 7120 I got the following:

crypto engine name: Unknown

crypto engine type: hardware

Cryptic verion: OxFF41

CGX version: 0x0111

DSP firmware version: 0x0065

MIPS firware version: 0X030362700

ISA/ISM Serial number:6BA........

PCDB info: 3-DES [.....]

Compression: NO

3 DES: Yes

Maximum buffer lenght: 4096

Maximum DH index: 1014

Maximum SA index: 2029

Maximum Flow index: 4059

Maximum RSA Key Size: 2048

Crypto engine in slot: 5

platform: predator crypto-engine

Crypto Adjacency Counts:

Lock Count: 9988

But when I ran the same command on 7140, I got the following instead:

crypto engine name: Unknown

crypto engine type: hardware

Crypto engine in slot: 5

platform: predator crypto-engine

Crypto Adjacency Counts:

Lock Count: 0

Unlock Count: 0

My 7140 does not communicate with other routers via Entrust CA. Is the 7140 hardware broken?

Thanks in advance.

W

r-simpson · ‎10-25-2002

'show crypto isakmp sa' and 'show crypto ipsec sa' are the preferred methods for monitoring/checking IPSEC tunnels. I would suggest trying those commands on your 7140 to see if you get the same results.