Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3510
Views
0
Helpful
2
Replies

Session Status : UP-NO-IKE

ssikrikar@verisk.com
Level 1
Level 1

‎01-06-2018 10:06 PM - edited ‎03-12-2019 04:53 AM

Hi Everyone,

 

The show crypto session result shows Session Status : UP-NO-IKE  .

However the VPN is up and operational and all the interesting traffic working fine .

Earlier we were using physical interface as tunnel endpoint and it use to show UP-Active.

Now after using loopback as a tunnel endpoint ,the VPN is up but it show UP-NO-IKE.

 

show crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
192.3X.XX.XX 103.XX.XX.XX QM_IDLE 1033 ACTIVE
206.XX.XX.XX  103.XX.XX.XX QM_IDLE 1032 ACTIVE

Here the 103.XX.XX.XX ip is of loopback interface 

 

Labels:
0 Helpful
2 Replies 2

Bogdan Nita
VIP Alumni
VIP Alumni

‎01-07-2018 04:09 AM

Hi ssikrikar,

The IKE phase 1 tunnel is only used to establish the IKE phase 2 tunnel, after the IKE phase 2 is up there is no need for the IKE phase 1. When the IKE phase 2 needs to be renegotiated the IKE phase 1 will be brought back up for that.

 

HTH

Bogdan

0 Helpful

ssikrikar@verisk.com
Level 1
Level 1
In response to Bogdan Nita

‎01-07-2018 07:19 PM

Thanks  Bogdan  

0 Helpful
Customers Also Viewed These Support Documents