show crypto isakmp sa
This command shows the Internet Security Association Management Protocol (ISAKMP) security associations (SAs) built between peers.dst src state conn-id slot 12.1.1.2 12.1.1.1 QM_IDLE 1 0
show crypto ipsec sa
This command shows IPsec SAs built between peers. The encrypted tunnel is built between 12.1.1.1 and 12.1.1.2 for traffic that goes between networks 20.1.1.0 and 10.1.1.0. You can see the two Encapsulating Security Payload (ESP) SAs built inbound and outbound. Authentication Header (AH) is not used since there are no AH SAs.Ref: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml
No comments:
Post a Comment