08-29-2012 07:57 AM
08-29-2012 10:53 AM
You could also use the following two commands:
show crypto isakmp sa
show crypto ipsec sa
They will show you if Phase 1 and Phase 2 are up respectively.
Witht the first you can see if Phase1 is completing or if it is failing at some point.
If Phase1 is up, then with the second command you will be able to see if Phase2 is up, and if you are sending and/or receiving traffic across the tunnel.
08-29-2012 08:14 AM
You can use the following command to see if you VPN is up:
asa#sh vpn-sessiondb l2l
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-29-2012 11:35 AM
Thanks guys...
the issue was a bot attack on the remote site....rebooting the AA fix the issue Cisco Engineer told me is no fix.
08-29-2012 10:53 AM
You could also use the following two commands:
show crypto isakmp sa
show crypto ipsec sa
They will show you if Phase 1 and Phase 2 are up respectively.
Witht the first you can see if Phase1 is completing or if it is failing at some point.
If Phase1 is up, then with the second command you will be able to see if Phase2 is up, and if you are sending and/or receiving traffic across the tunnel.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: