09-18-2008 10:34 AM
I used to be able to see the number of packets encypted and decrypted using the sh ipsec sa command.... I cannot see that anymore. Has anyone seen this before?
Crypto map tag: themap, seq num: 10, local addr: XXXX
access-list 130 permit ip 172.XXX 255.255.254.0 172.XXX 255.255.0.0
local ident (addr/mask/prot/port): (172.XXX/255.255.254.0/0/0)
remote ident (addr/mask/prot/port): (172.XXX/255.255.0.0/0/0)
current_peer: XXXX
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 92, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: XXXX, remote crypto endpt.: XXXX
path mtu 1500, ipsec overhead 58, media mtu 1500
current outbound spi: 8AB4FE37
inbound esp sas:
spi: 0xF72E1976 (4146993526)
transform: esp-3des esp-sha-hmac no compression
in use settings ={L2L, Tunnel, }
slot: 0, conn_id: 126976, crypto-map: themap
sa timing: remaining key lifetime (kB/sec): (4275000/15175)
IV size: 8 bytes
replay detection support: Y
outbound esp sas:
spi: 0x8AB4FE37 (2327117367)
transform: esp-3des esp-sha-hmac no compression
in use settings ={L2L, Tunnel, }
slot: 0, conn_id: 126976, crypto-map: themap
sa timing: remaining key lifetime (kB/sec): (4274999/15167)
IV size: 8 bytes
replay detection support: Y
09-18-2008 10:46 AM
What device is this ? ASA? what code its running?
can you try "show crypto ipsec sa" and see if it shows counters for encrypts/decrypts?
HTH
Saju
Pls rate helpful posts
09-18-2008 10:48 AM
Sorry - this is an ASA5580 ver 8.1(1)
I have tried all types of show commands, including details.
sh ipsec sa
sh ipsec sa det
sh crypto ipsec sa
sh crypto ipsec sa det
09-18-2008 12:46 PM
This could be a bug with version code. You can open TAC case to have it investigated.
HTH
Saju
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide