04-08-2010 04:02 AM
Is there a way to tell which one has been negotiated & is currently being used with a specific peer?
Solved! Go to Solution.
04-08-2010 04:37 AM
This will show you the negotiated phase 1 lifetime:
show crypto mib isakmp flowmib tunnel
04-08-2010 04:03 AM
This is on a 7206VXR
04-08-2010 04:06 AM
"show crypto engine connections" should show you what phase 1 (IKE) policy has been negotiated.
04-08-2010 04:20 AM
I fumbled through the available options but didn't see the output I was looking for. sh cry en conn dh shows some phase 1 attributes but some of my policies are identical except for the lifetimes.
04-08-2010 04:11 AM
droeun141 wrote:
Is there a way to tell which one has been negotiated & is currently being used with a specific peer?
Have you tried "sh crypto isakmp sa detail" ?
Jon
04-08-2010 04:22 AM
Yeah I tried that one too, but it doesn't show negotiated lifetime, only remaining.
04-08-2010 04:37 AM
This will show you the negotiated phase 1 lifetime:
show crypto mib isakmp flowmib tunnel
04-08-2010 04:49 AM
Bingo! thanks guys
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: