Re:Site-to-site VPN usage

SIAVASH KAZEMI · ‎12-13-2012

Hi
What command can I use to get information about my site2site VPN?
Currently I only use the following commands which are not reveal Too much info:
show crypto isakmp sa
show crypto ipsec sa

Regards
Siavash

Sent from Cisco Technical Support Android App

Eugene Korneychuk · ‎12-13-2012

Hello,

If it is Cisco ASA you can use the following commands for S2S:

show crypto ipsec sa detail

show crypto isakmp sa detail

sh vpn-sessiondb l2l

sh vpn-sessiondb detail l2l

Please rate helpful posts

Best Regards,

Eugene

SIAVASH KAZEMI · ‎12-13-2012

Tnx Eugene.
No it's Cisco router, IOS based VPN.

Sent from Cisco Technical Support Android App

Eugene Korneychuk · ‎12-13-2012

Hi,

Then you still can use this commands:

show crypto ipsec sa detail

show crypto isakmp sa detail

Also this commands can be also useful:

show crypto session detail

show crypto engine connections active

Please rate helpful posts

Best Regards,

Eugene

johnlloyd_13 · ‎12-13-2012

as per my CCNA security notes:

Show Command Description

show crypto map Displays configured crypto maps

show crypto isakmp policy Displays configured IKE policies

show crypto ipsec sa Displays established IPsec tunnels

show crypto ipsec transform-set Displays configured IPsec transform sets

debug crypto isakmp Debugs IKE events

debug crypto ipsec Debugs IPsec events