Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

show crypto session

Hi

Can anyone explain the following.

At times when I issue the following commamand

sh crypto session detail

The status shows the following.

Session status: UP-NO-IKE

However, traffic is following between the type nodes running IPSEC.

How can the session be up if we have no IKE.

  • Other Security Subjects
1 REPLY
Cisco Employee

Re: show crypto session

Hi,

When you see "UP-NO-IKE" when you run "show crypto session detail", this basically means that the IKE SA exists but inactive because the key exchange has already taken place.

Please refer the below URL for some excellent details on various status of IKE SA's.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d33e1.html

I hope it helps.

Regards,

Arul

** Please rate all helpful posts **

2637
Views
9
Helpful
1
Replies
This widget could not be displayed.