Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1326
Views
0
Helpful
3
Replies

Output of "show crypto ipsec sa"

Go to solution
david.chosrova
Level 1
Level 1

ā€Ž08-19-2011 12:11 PM - edited ā€Ž02-21-2020 05:31 PM

Hello,

In a basic VPN l2l scenario using ezVPN, server  behind NAT device, client using 3G. What would be the reason to have in the output of the show crypto ipsec sa, a current peer different from remote crypto endpoint on the server ?

Thanks for your help.

David

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

ā€Ž08-19-2011 05:05 PM

Since it is behind a NAT device and NAT is only layer 3, and it doesn't modify any of the content of the IPSec VPN during the negotiation because it is encrypted, hence you might see current peer different from remote crypto endpoint on the server.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

ā€Ž08-19-2011 05:05 PM

Since it is behind a NAT device and NAT is only layer 3, and it doesn't modify any of the content of the IPSec VPN during the negotiation because it is encrypted, hence you might see current peer different from remote crypto endpoint on the server.

0 Helpful

Go to solution
david.chosrova
Level 1
Level 1
In response to Jennifer Halim

ā€Ž08-22-2011 01:49 PM

Hello Jennifer,

Thanks for your reply, I was thinking about this, but was not 100% sure. :-).

Regards.

David

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to david.chosrova

ā€Ž08-23-2011 04:21 PM

Cheers, pls kindly mark the post as answered if you have no further question so others can learn from your post. Thank you.

0 Helpful
Customers Also Viewed These Support Documents