Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
507
Views
0
Helpful
2
Replies

no output when running debug crypto ikev1

Herman2018
Level 3
Level 3

ā€Ž03-05-2024 05:19 AM

hi, we tried to config a site-to-site vpn to AWS on cisco asa (ver 9.1.x). After configuring on asa based on the configuration file downloaded from AWS, the vpn tunnel is not up, there is nothing (no sa) when running the command "sh crypto isakmp sa" or "sh crypto ikev1 sa", Then try to run debug "debug crypto ikev1 " , "debug crypto ikev1 32", there is no output. Can you anyone pls advise? thanks in advance! 

Labels:
0 Helpful
2 Replies 2

Kasun Bandara
VIP
VIP

ā€Ž03-05-2024 05:26 AM - edited ā€Ž03-05-2024 05:26 AM

@Herman2018 hi, few things to check.

1. are you using asdm or cli to configure?

2. is your config have crypto enable command for outside interface?

3. do you have configured routing towards internet? default route?

check if your config match with below configurations,

https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/vpn/asa-96-vpn-config/vpn-site2site.html

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

MHM Cisco World
VIP
VIP

ā€Ž03-05-2024 05:42 AM

Asa use 

Debug crypto isakmp 127

Debug crypto ipsec 127

For S2S vpn

0 Helpful
Customers Also Viewed These Support Documents