Name: Cisco 2800 Series
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

Easy VPN Configuration Example

Verify

OL-6340-01

Verify

This section provides instructions for verifying that your configuration works properly.

Certain show commands are supported by the Output Interpreter Tool (registered customers only), which

allows you to view an analysis of show command output. In summary:

•

show crypto engine connections active—Shows the encrypted and decrypted packets.

•

show crypto ipsec sa—Shows the phase 2 IPSec security associations for the hub.

•

show crypto ipsec client ezvpn—Shows the phase 2 IPSec security associations for the EzVPN

client.

•

show crypto isakmp sa—Shows the phase 1 ISAKMP security associations.

One of the first indications of successful IPSec negotiation is a message displayed on the Virtual Private

Network (VPN) concentrator console. Upon successful IPSec negotiation by the EzVPN clients, a

message similar to the following is displayed on the VPN concentrator console, indicating the

establishment of crypto connections to the remote EzVPN clients.

EzVPN-Hub#

*Feb 23 10:33:10.663: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer

10.32.150.46:500 Id: VPN1

*Feb 23 10:33:37.439: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer

10.32.152.46:500 Id: VPN1

The following examples show sample output for the show crypto ipsec sa and show crypto ipsec client

ezvpn commands.

The following is sample output from the show crypto ipsec sa command, performed using the

configuration on the EzVPN Hub location:

EzVPN-Hub# show crypto ipsec sa

interface: ATM0/0/0

Crypto map tag: INT_MAP, local addr. 10.32.152.26

protected vrf:

local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)

remote ident (addr/mask/prot/port): (10.1.1.3/255.255.255.255/0/0)

current_peer: 10.32.152.46:500

PERMIT, flags={}

#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0

#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0

#pkts compressed: 0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0

#pkts not decompressed: 0, #pkts decompress failed: 0

#send errors 0, #recv errors 0

local crypto endpt.: 10.32.152.26, remote crypto endpt.: 10.32.152.46

path mtu 4470, media mtu 4470

current outbound spi: EBA2AC93

Other manuals for Cisco 2800 Series

Quick Start Guide46 pages

Datasheet5 pages

Configuring32 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco 2800 Series and is the answer not in the manual?

Cisco 2800 Series Specifications

General

Power Supply	Internal power supply
Product Type	Router
Form Factor	Rack-mountable
Connectivity Technology	Wired
Power Device	Internal power supply
Operating System	Cisco IOS
Integrated Services	Security, voice
WAN Interfaces	T1/E1, Serial
LAN Interfaces	Fast Ethernet, Gigabit Ethernet
Expansion Slots	4
Data Link Protocol	Ethernet, Fast Ethernet, Gigabit Ethernet
Network/Transport Protocol	IP, TCP
Remote Management Protocol	SNMP, Telnet
Features	VPN support, Quality of Service (QoS), VLAN support
Voltage Required	AC 100-240 V
Security Features	Firewall, VPN, Access Control Lists (ACLs)