10-09-2009 09:43 AM
Hi,
Somebody knows how can i see the public and privates address from ezvpn client (hardware) on the ezvpn server?
Best Regards.
10-09-2009 10:09 AM
IOS or ASA?
10-09-2009 10:13 AM
Sorry IOS.
10-09-2009 10:30 AM
If the remote end is in NEM (Network Extension Mode) then you can see the network behind the remote router, by doing a "show crypto ipsec sa" - this will show you the SA's along with the Peer IP.
You can also do a show crypto session.
If you're using client-mode then all you'll see is the IP assigned to the remote router from your pool and not the network behind it.
PS. if you found this post helpful, please rate it.
10-15-2009 10:46 AM
HI,
I have NEM.
I can not see the networks look it
hub3#sh cry ip sa
interface: Virtual-Access2
Crypto map tag: Virtual-Access2-head-0, local addr 20.x.x.x
protected vrf: (none)
local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
remote ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
current_peer 201.x.x.x port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 26986, #pkts encrypt: 26986, #pkts digest: 26986
#pkts decaps: 29519, #pkts decrypt: 29519, #pkts verify: 29519
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: 20.x.x.x, remote crypto endpt.: 201.x.x.x
path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/2.1
current outbound spi: 0xEFA9C57F(4020880767)
inbound esp sas:
spi: 0x7EA6467B(2124826235)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 2107, flow_id: VAM2+:107, crypto map: Virtual-Access2-head-0
sa timing: remaining key lifetime (k/sec): (4487381/874)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE
inbound ah sas:
inbound pcp sas:
outbound esp sas:
spi: 0xEFA9C57F(4020880767)
transform: esp-aes esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 2108, flow_id: VAM2+:108, crypto map: Virtual-Access2-head-0
sa timing: remaining key lifetime (k/sec): (4487426/874)
IV size: 16 bytes
replay detection support: Y
Status: ACTIVE
outbound ah sas:
outbound pcp sas:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: