Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to check ALL routing table (also the VPN routing table)


is there a command with the cli to cehck all the routing tables also the IPSEC L2L (because if I need to configure a new VPN L2L or a new route need to check the all configuration !!!)

With the "sh ip route" I cannot see the VPN IPSEC L2L (or the C2L routes)

Thanks to all.


Re: How to check ALL routing table (also the VPN routing table)

You're wanting to see what traffic is allowed over your tunnels? "sh ip route" will only show the routes that your router knows about, and it won't know about the routes that the other router knows about (unless you're running a routing protocol over a gre tunnel).

You can use "sh crypt ipsec" and it will show you what networks are allowed through the tunnel.

Otherwise, there's not a command that I'm aware of that will do what you're asking. (If there is, I'm drawing a blank.)



HTH, John *** Please rate all useful posts ***
New Member

Re: How to check ALL routing table (also the VPN routing table)

If you want to have such a visibility you need to implement IPSEC with Virtual Tunnel Interfaces.

IP security (IPsec) virtual tunnel interfaces (VTIs) provide a routable interface type for terminating IPsec tunnels and an easy way to define protection between sites to form an overlay network. IPsec VTIs simplify configuration of IPsec for protection of remote links, support multicast, and simplify network management and load balancing.

Otherwise if you stick to your existing conf and want to see what is into the encryption domain :

show crypto ipsec sa