Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 9.1(4) Monitoring Ikev2 Tunnel

Hi all,

I have some systems deployed with ASA 5505 devices that were previously running 8.3.(1) and was monitoring the tunnels using cacti.  I upgraded the devices to 9.1(4) to take advantage of the suite B features.  The tunnels are not operating as Ikev2 aes-256 sha256 group 19 using nat-t  In my snmp queries, I am now seeing the pre-nat peer IP which is the private address on my ASA outside interface.  When I do "sh crypto ikev2 sa" I get the proper public peer IP.  Is this expected behaviour or a potential bug?  I am looking at all of the mib data now and trying to determine if there is a different OID for ikev2.

Thanks,

Shelby

1 REPLY
New Member

ASA 9.1(4) Monitoring Ikev2 Tunnel

Correction from above. The tunnels are NOW operating as Ikev2 aes-256 sha256 group 19 using nat-t

155
Views
0
Helpful
1
Replies
CreatePlease login to create content