Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

show crypto isakmp sa

Hello Guy,

i get a small prob.: on my Cisco 2600 Router Branch Office connect via VPN 3des to PIX 535. all thinks works fine but i cann see the Q-idle of this command: "sh cryp isa sa"

any reason why ?

thanks for yor suggession

BBZ#sh cry isa sa

dst src state conn-id slot

BBZ-FRANKFURT#

AF

3 REPLIES
New Member

Re: show crypto isakmp sa

Hi,

There is nothing to worry about. The QM_IDLE state simply says that your ISAKMP SA is up. The IPSec may or may not be established. The QM_IDLE is the last state in Phase-1 negotiations and states that an ISAKMP SA is created.

Cheers :-))

Naveen

mnaveen@cisco.com

New Member

Re: show crypto isakmp sa

Hello,

We are seeing the same and still doubt why sometimes the QM_IDLE status is not reported when typing the "show crypto isa sa" command. Potential IOS bug ? Anyone has got a clue ?

Thanks, Martijn

New Member

Re: show crypto isakmp sa

use the

'show crypto engine connections active' command

389
Views
0
Helpful
3
Replies
CreatePlease login to create content