Debugging site ti site VPN

Unanswered Question
Jun 4th, 2008
User Badges:


We are not able to form site to site VPN tunnel over internet using ASA on our side and juniper F/w on another side. we have configured correct algorithms yet tunnel is not forming. How to debug the same problem. Are there any debugging commands to debug ipsec ?

Any link on is highly appreciable.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
attrgautam Wed, 06/04/2008 - 02:28
User Badges:
  • Silver, 250 points or more

Some useful commands on Cisco will be

sh crypto isakmp sa

sh crypto ipsec sa detail

debug crypto isakmp

debug crypto ipsec

There are lots of links in Cisco for troubleshooting IPSEC - You may find them using the search option and there are enough posts in Netpro as well which explain troubleshooting IPSEC.


This Discussion