CISCO-ASA - IPsec Debug Commands: Difference between revisions
From Wiki.IT-Arts.net
imported>Z (Created page with "Category:Post-It == Show phase 1 == All phase 1 : <nowiki> ASA# show crypto isakmp sa ASA# sh crypto ikev1 sa</nowiki> A specific phase 1 : <nowiki> ASA# show cr...") |
imported>Z No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 11: | Line 11: | ||
ASA# sh crypto ikev1 sa</nowiki> | ASA# sh crypto ikev1 sa</nowiki> | ||
Or a specific phase 1 : | |||
<nowiki> | |||
ASA# show crypto isakmp sa detail | b <REMOTE-IP></nowiki> | |||
== Check Phase 2 Tunnel == | |||
<nowiki> | <nowiki> | ||
ASA# show crypto ipsec sa peer <REMOTE-IP></nowiki> | ASA# show crypto ipsec sa peer <REMOTE-IP></nowiki> | ||
Latest revision as of 11:44, 1 May 2024
Show phase 1
All phase 1 :
ASA# show crypto isakmp sa ASA# sh crypto ikev1 sa
Or a specific phase 1 :
ASA# show crypto isakmp sa detail | b <REMOTE-IP>
Check Phase 2 Tunnel
ASA# show crypto ipsec sa peer <REMOTE-IP>
Display The PSK
ASA# more system:running-config | b tunnel-group <REMOTE-IP>
Display Details
Uptime, and so on :
ASA# sh vpn-sessiondb detail l2l | b <REMOTE-IP>
Debug Mode
debug crypto isakmp ! debug crypto ipsec !
Test Traffic
ASA# packet-tracer input INTERFACE-NAME icmp 172.18.96.8 8 0 192.168.0.3 detailed
