cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
2929
Views
0
Helpful
4
Replies
rgonzalch
Beginner

troubleshooting ezvpn

Hi,

Somebody knows how can i see the public and privates address from ezvpn client (hardware) on the ezvpn server?

Best Regards.

4 REPLIES 4
auraza
Cisco Employee

IOS or ASA?

Sorry IOS.

If the remote end is in NEM (Network Extension Mode) then you can see the network behind the remote router, by doing a "show crypto ipsec sa" - this will show you the SA's along with the Peer IP.

You can also do a show crypto session.

If you're using client-mode then all you'll see is the IP assigned to the remote router from your pool and not the network behind it.

PS. if you found this post helpful, please rate it.

HI,

I have NEM.

I can not see the networks look it

hub3#sh cry ip sa

interface: Virtual-Access2

Crypto map tag: Virtual-Access2-head-0, local addr 20.x.x.x

protected vrf: (none)

local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)

remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)

current_peer 201.x.x.x port 500

PERMIT, flags={origin_is_acl,}

#pkts encaps: 26986, #pkts encrypt: 26986, #pkts digest: 26986

#pkts decaps: 29519, #pkts decrypt: 29519, #pkts verify: 29519

#pkts compressed: 0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0

#pkts not decompressed: 0, #pkts decompress failed: 0

#send errors 0, #recv errors 0

local crypto endpt.: 20.x.x.x, remote crypto endpt.: 201.x.x.x

path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/2.1

current outbound spi: 0xEFA9C57F(4020880767)

inbound esp sas:

spi: 0x7EA6467B(2124826235)

transform: esp-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2107, flow_id: VAM2+:107, crypto map: Virtual-Access2-head-0

sa timing: remaining key lifetime (k/sec): (4487381/874)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE

inbound ah sas:

inbound pcp sas:

outbound esp sas:

spi: 0xEFA9C57F(4020880767)

transform: esp-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2108, flow_id: VAM2+:108, crypto map: Virtual-Access2-head-0

sa timing: remaining key lifetime (k/sec): (4487426/874)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE

outbound ah sas:

outbound pcp sas:

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: pxGrid (35%)

Content for Community-Ad