08-03-2021 11:51 AM
Hi Folks,
I have some problems and confusion with IPSec phases and Ike version and relationship with fqdn.
I can set up tunnels but I'm not sure how troubleshootingIf you have any resources or documentations for that please update me
08-04-2021 03:44 AM - edited 08-04-2021 03:45 AM
You can use below commands for diagnosis each phase:
Phase 1 = "show crypto isakmp sa" or "show crypto ikev1 sa" or "show crypto ikev2 sa"
Phase 2 = "show crypto ipsec sa"
Here is the step by step troubleshooting guide :
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html
BB
***** Rate All Helpful Responses *****
How to Ask The Cisco Community for Help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community