Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
426
Views
5
Helpful
1
Replies

Site to Site ikev1 VPN enquiry

bmak
Level 1
Level 1

‎10-22-2019 07:52 PM - edited ‎10-22-2019 07:52 PM

Hi,

 

I have an ASA running on an OS 9.0.x.

I am trying to figure out how to see the phase 1 settings i.e the Hash, Encryption, DH group, lifetime that is being used by a particular active VPN connection, I have the information for the peer IP of the VPN connection but I am unable to find a command that displays the phase1 setting currently being used by the VPN connection. 

 

I would also like to know what command is used to set a lifetime on phase2(IPsec) portion of the VPN.

 

Thank you

Labels:
0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎10-23-2019 01:20 AM - edited ‎10-23-2019 01:23 AM

Hi,

Use the command "show crypto ikev2 sa" or "show crypto ikev1 sa" depending on your IKE version in use to display the IKE SA algorithms in use for the active session.

 

The command "crypto map CRYPTO_MAP_NAME 1 set security-association lifetime seconds xxxxxx" to set IPSec SA lifetime.

 

HTH

Customers Also Viewed These Support Documents