04-08-2010 04:02 AM
Is there a way to tell which one has been negotiated & is currently being used with a specific peer?
Solved! Go to Solution.
04-08-2010 04:37 AM
This will show you the negotiated phase 1 lifetime:
show crypto mib isakmp flowmib tunnel
04-08-2010 04:03 AM
This is on a 7206VXR
04-08-2010 04:06 AM
"show crypto engine connections" should show you what phase 1 (IKE) policy has been negotiated.
04-08-2010 04:20 AM
I fumbled through the available options but didn't see the output I was looking for. sh cry en conn dh shows some phase 1 attributes but some of my policies are identical except for the lifetimes.
04-08-2010 04:11 AM
droeun141 wrote:
Is there a way to tell which one has been negotiated & is currently being used with a specific peer?
Have you tried "sh crypto isakmp sa detail" ?
Jon
04-08-2010 04:22 AM
Yeah I tried that one too, but it doesn't show negotiated lifetime, only remaining.
04-08-2010 04:37 AM
This will show you the negotiated phase 1 lifetime:
show crypto mib isakmp flowmib tunnel
04-08-2010 04:49 AM
Bingo! thanks guys
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide