ASA Phase 1 question

Unanswered Question
Oct 1st, 2009
User Badges:

My understanding is that when configuring phase 1 parameters on the ASA, that depending on how the peers are configured, the ASA will go down the list of isakmp policies until a match is found.

Also, that phase 1 and phase 2 do not have to match in their policy partameters.

Hopefully this is not too obvious, because I am missing it:

Where can I see which isakmp policy a particular l2l tunnel is using?

"sh cry isa sa" only shows the status.

If I have a list of ten policies, and I only have access to my end (outside party l2l), how can I determine which phase 1 policy a particular tunnel is using?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion