Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

Show isakmp output help

Hi all,

Can anyone help me understand what the following output means?

Firewall#show isakmp

There are no isakmp sas

Global IKE Statistics

Active Tunnels: 0

Previous Tunnels: 1997

In Octets: 1848392

In Packets: 12661

In Drop Packets: 2108

In Notifys: 2391

In P2 Exchanges: 1948

In P2 Exchange Invalids: 0

In P2 Exchange Rejects: 1923

In P2 Sa Delete Requests: 0

Out Octets: 1545048

Out Packets: 11229

Out Drop Packets: 0

Out Notifys: 5590

Out P2 Exchanges: 58

Out P2 Exchange Invalids: 0

Out P2 Exchange Rejects: 0

Out P2 Sa Delete Requests: 81

Initiator Tunnels: 56

Initiator Fails: 0

Responder Fails: 115

System Capacity Fails: 0

Auth Fails: 61

Decrypt Fails: 0

Hash Valid Fails: 0

No Sa Fails: 61

Global IPSec over TCP Statistics

--------------------------------

Embryonic connections: 0

Active connections: 0

Previous connections: 0

Inbound packets: 0

Inbound dropped packets: 0

Outbound packets: 0

Outbound dropped packets: 0

RST packets: 0

Recevied ACK heart-beat packets: 0

Bad headers: 0

Bad trailers: 0

Timer failures: 0

Checksum errors: 0

Internal errors: 0

I'm specifically looking for information on the Auth fails, and P2 Exchange requests.

I upgraded the PIX OS from 6.3 to 8.04 and now the VPN doesn't seem to work anymore. Has anyone seen this before?

Thanks in advance,

--Brandon

1 REPLY

Re: Show isakmp output help

Brandon,

if you are having isakmp auth fails - you need to check your authentication procedure, and double check your PSK is the same on both ends.

HTH>

521
Views
0
Helpful
1
Replies
CreatePlease login to create content