Unanswered Question
Aug 11th, 2008

What would be the problem the crypto session shows down.

But I can ping peer to peer.

AIRTEL-DELHI#sh crypto se

Crypto session current status

Interface: Serial0

Session status: DOWN

Peer: port 500

IPSEC FLOW: permit ip

Active SAs: 0, origin: crypto map

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Richard Burts Mon, 08/11/2008 - 03:24


When you ping is the source address in (the source addresses apparently selected in the access list that is part of the crypto map)?

Other than possible issues is the addressing there are several other things that might keep the session from coming active. These might include:

- possible mismatch of preshared keys.

- possible mismatch of ISAKMP parameters.

- possible mismatch of IPSec parameters.

- possible filtering of the ISAKMP or IPSec packets.

It might help us to find your problem if you would post the config.




This Discussion