Easy VPN Configuration Example
Troubleshoot
15
OL-6340-01
outbound esp sas:
spi: 0x59C46762(1506043746)
transform: esp-3des esp-md5-hmac ,
in use settings ={Tunnel, }
slot: 0, conn id: 5130, flow_id: 10, crypto map: INT_MAP
crypto engine type: Hardware, engine_id: 2
sa timing: remaining key lifetime (k/sec): (4574224/14292)
ike_cookies: A479BC19 B6199FB9 E043AE83 9DECB0E8
IV size: 8 bytes
replay detection support: Y
outbound ah sas:
outbound pcp sas:
The following is sample output from the
show crypto ipsec client ezvpn
command, performed using the
configuration on the EzVPN Spoke 1 location:
EzVPN-Spoke-1#
show crypto ipsec client ezvpn
Easy VPN Remote Phase: 2
Tunnel name : VPN1
Inside interface list: FastEthernet0/0,
Outside interface: Dialer0
Current State: IPSEC_ACTIVE
Last Event: SOCKET_UP
Address: 10.1.1.3
Mask: 255.255.255.255
DNS Primary: 192.168.168.183
DNS Secondary: 192.168.226.120
NBMS/WINS Primary: 192.168.179.89
NBMS/WINS Secondary: 192.168.2.87
Default Domain: cisco.com
The following is sample output from the
show crypto ipsec client ezvpn
command, performed using the
configuration on the EzVPN Spoke 2 location:
EzVPN-Spoke-2#
show crypto ipsec client ezvpn
Easy VPN Remote Phase: 2
Tunnel name : VPN1
Inside interface list: FastEthernet0/0,
Outside interface: Serial0/0/0
Current State: IPSEC_ACTIVE
Last Event: SOCKET_UP
DNS Primary: 192.168.168.183
DNS Secondary: 192.168.226.120
NBMS/WINS Primary: 192.168.179.89
NBMS/WINS Secondary: 192.168.2.87
Default Domain: cisco.com
Troubleshoot
This section provides information for troubleshooting your configuration.
See the following tech note:
•
IP Security Troubleshooting - Understanding and Using debug Commands