show crypto session

Unanswered Question
Nov 2nd, 2007

Hi

Can anyone explain the following.

At times when I issue the following commamand

sh crypto session detail

The status shows the following.

Session status: UP-NO-IKE

However, traffic is following between the type nodes running IPSEC.

How can the session be up if we have no IKE.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
ajagadee Fri, 11/02/2007 - 09:14

Hi,

When you see "UP-NO-IKE" when you run "show crypto session detail", this basically means that the IKE SA exists but inactive because the key exchange has already taken place.

Please refer the below URL for some excellent details on various status of IKE SA's.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d33e1.html

I hope it helps.

Regards,

Arul

** Please rate all helpful posts **

Actions

This Discussion