08-29-2012 07:57 AM
08-29-2012 10:53 AM
You could also use the following two commands:
show crypto isakmp sa
show crypto ipsec sa
They will show you if Phase 1 and Phase 2 are up respectively.
Witht the first you can see if Phase1 is completing or if it is failing at some point.
If Phase1 is up, then with the second command you will be able to see if Phase2 is up, and if you are sending and/or receiving traffic across the tunnel.
08-29-2012 08:14 AM
You can use the following command to see if you VPN is up:
asa#sh vpn-sessiondb l2l
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-29-2012 11:35 AM
Thanks guys...
the issue was a bot attack on the remote site....rebooting the AA fix the issue Cisco Engineer told me is no fix.
08-29-2012 10:53 AM
You could also use the following two commands:
show crypto isakmp sa
show crypto ipsec sa
They will show you if Phase 1 and Phase 2 are up respectively.
Witht the first you can see if Phase1 is completing or if it is failing at some point.
If Phase1 is up, then with the second command you will be able to see if Phase2 is up, and if you are sending and/or receiving traffic across the tunnel.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide