cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
100
Views
0
Helpful
3
Replies
Highlighted
Participant

isakmp SA

Dear All,

 

Can please advise why in Isakmp sa detail, we see Local as 23.x.x.x and remote as 42.x.x.x.

In just Isakmp sa, we see dst as 23.x.x.x and src as 42.x.x.x (Please see below. Both commands are executed on the same router)

 

Thanks in advance.

 

R1#SH CRYpto ISAkmp SA DEtail
Codes: C - IKE configuration mode, D - Dead Peer Detection
       K - Keepalives, N - NAT-traversal
       T - cTCP encapsulation, X - IKE Extended Authentication
       psk - Preshared key, rsig - RSA signature
       renc - RSA encryption
IPv4 Crypto ISAKMP SA

C-id  Local           Remote          I-VRF  Status Encr Hash   Auth DH Lifetime Cap.

1001  23.0.0.1        42.0.0.2               ACTIVE aes  sha    psk  2  23:46:43
       Engine-id:Conn-id =  SW:1

IPv6 Crypto ISAKMP SA

 

 

R1#SH CRYpto ISAkmp SA
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status
23.0.0.1        42.0.0.2        QM_IDLE           1001 ACTIVE

IPv6 Crypto ISAKMP SA

 

 

Thanks

Everyone's tags (1)
3 REPLIES 3
Highlighted
Cisco Employee

One describes what is local

One describes what is local and remote IP, the other describes who's the source and destination for an IKE session, i.e. who initiated this IKE session. 

Highlighted
Participant

Hi Marcin, Thanks for your

Hi Marcin,

 

Thanks for your reply. So in this above case, since src is 42.0.0.2, the other side initiated this connection first?

 

Highlighted
Cisco Employee

That's how I remember it, it

That's how I remember it, it's been two years :-)