JohanPersson.nu

My Digital Brain

Misc Troubleshooting

Written by

Johan

in

Here are some nice troubleshooting tips:

Tear down IPSEC tunnel: clear ipsec sa

  • clear crypto ipsec sa — This command resets the IPsec SAs after failed attempts to negotiate a VPN tunnel.

  • clear crypto isakmp sa — This command resets the ISAKMP SAs after failed attempts to negotiate a VPN tunnel.

    Capture packets on interface:

          capture CAPTURENAME access-list ACCESSLISTNAME interface INSIDE/OUTSIDE

    Check hits on access-lists: sh access-list

    Use more system:running-config to be able to read and verify the pre-shared keys in clear text.

    Links

    http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00807f2d37.shtml

    • Comments

    Leave a Reply

    To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)

    More posts