show crypto session

Unanswered Question
Nov 2nd, 2007
User Badges:


Can anyone explain the following.

At times when I issue the following commamand

sh crypto session detail

The status shows the following.

Session status: UP-NO-IKE

However, traffic is following between the type nodes running IPSEC.

How can the session be up if we have no IKE.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
ajagadee Fri, 11/02/2007 - 09:14
User Badges:
  • Cisco Employee,


When you see "UP-NO-IKE" when you run "show crypto session detail", this basically means that the IKE SA exists but inactive because the key exchange has already taken place.

Please refer the below URL for some excellent details on various status of IKE SA's.

I hope it helps.



** Please rate all helpful posts **


This Discussion