Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
5
Helpful
2
Replies

Command show crypto isakmp sa shows 2 VPNs

Go to solution
David Kleberson
Level 1
Level 1

‎05-21-2015 03:10 AM

Hi all!

Why my router shows me 2 VPNs? Is it normal?

R1#show crypto isakmp sa

IPv4 Crypto ISAKMP SA
   dst                  src             state            conn-id   status
10.10.0.5      10.10.0.2      QM_IDLE           1870 ACTIVE
10.10.0.2      10.10.0.5      QM_IDLE           1871 ACTIVE

 

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎05-21-2015 05:31 AM

For sake of clarity, this is showing you have two IKE sessions. 

The situation can typically occur when: 

1) Both sides initiate IKE session at the same time. 

2) When one of the sides initiates an IKE SA rekey (every 24 hours by default). 

Most of the time not a problem. 

You should be checking whether your IPsec SAs are up and not flapping. 

Enabling "crypto logging session" is probably a good way to have visibility. 

 

 

 

View solution in original post

2 Replies 2

Go to solution
Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎05-21-2015 05:31 AM

For sake of clarity, this is showing you have two IKE sessions. 

The situation can typically occur when: 

1) Both sides initiate IKE session at the same time. 

2) When one of the sides initiates an IKE SA rekey (every 24 hours by default). 

Most of the time not a problem. 

You should be checking whether your IPsec SAs are up and not flapping. 

Enabling "crypto logging session" is probably a good way to have visibility. 

 

 

 

Go to solution
David Kleberson
Level 1
Level 1
In response to Marcin Latosiewicz

‎05-23-2015 10:25 PM

Dear Marcin Latosiewicz,

Thank you for explanation!

0 Helpful
Customers Also Viewed These Support Documents