Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1432
Views
0
Helpful
3
Replies

How I know my vpn site is up or what commands I cn use to chek it.?

Go to solution
juancarlosmartinez
Level 1
Level 1

‎08-29-2012 07:57 AM

Hi Guys

How can I check if my vpn is working > I cannot ping the other side I cannot log into the another VPN asa. 5510. Is any commands I can run?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
danmoren
Level 1
Level 1

‎08-29-2012 10:53 AM

You could also use the following two commands:

show crypto isakmp sa

show crypto ipsec sa

They will show you if Phase 1 and Phase 2 are up respectively.

Witht the first you can see if Phase1 is completing or if it is failing at some point.

If Phase1 is up, then with the second command you will be able to see if Phase2 is up, and if you are sending and/or receiving traffic across the tunnel.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Karsten Iwen
VIP
VIP

‎08-29-2012 08:14 AM

You can use the following command to see if you VPN is up:

asa#sh vpn-sessiondb l2l

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

0 Helpful

Go to solution
juancarlosmartinez
Level 1
Level 1
In response to Karsten Iwen

‎08-29-2012 11:35 AM

Thanks guys...

the issue was a bot attack on the remote site....rebooting the AA fix the issue Cisco Engineer told me is no fix.

0 Helpful

Go to solution
danmoren
Level 1
Level 1

‎08-29-2012 10:53 AM

You could also use the following two commands:

show crypto isakmp sa

show crypto ipsec sa

They will show you if Phase 1 and Phase 2 are up respectively.

Witht the first you can see if Phase1 is completing or if it is failing at some point.

If Phase1 is up, then with the second command you will be able to see if Phase2 is up, and if you are sending and/or receiving traffic across the tunnel.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents