Cisco Device Troubleshooting Commands
CISCO VPN TROUBLESHOOTING:
sh crypto session : shows active VPN sessions
sh crypto session detail : shows details of VPN sessions
sh crypto session detail : shows details of VPN sessions
sh crypto ipsec sa : show ipsec saís between peers
sh crypto isakmp sa : show internet security association management protocol security associations between peers.
sh crypto engine connection active : show traffic sent. Encryptions outbound decryptions inbound.
sh crypto isakmp sa : show internet security association management protocol security associations between peers.
sh crypto engine connection active : show traffic sent. Encryptions outbound decryptions inbound.
debug crypto isakmp errors : will give you breif info when isakmp throws an error
debug crytpo isakmp : it is a detailed output of the entire phase 1 negotiation processes - on a rolling basis - so if your VPN is broken, it's almost a non-stop output.
debug crytpo isakmp : it is a detailed output of the entire phase 1 negotiation processes - on a rolling basis - so if your VPN is broken, it's almost a non-stop output.
clear crypto isa sa : reset VPN tunnel (this brings tunnel offline breifly)
CISCO SWITCH/ROUTER TROUBELSHOOTING
Sh log : shows the log (if availiable) of logging messages
Sh int gix/x : shows the interface counters of a device
SPAN A PORT:
monitor session | source int xxxx
monitor session | dest int xxxx
sh monitor
MORE CISCO TROUBLESHOOTING COMMANDS:
sh proc cpu history : show processor history in graphic format
sh proc memory sorted : show memory usage history
sh int gi x/x : shows interface counters
sh log : shows the log (if availiable) of logging messages
sh proc memory sorted : show memory usage history
sh int gi x/x : shows interface counters
sh log : shows the log (if availiable) of logging messages
* Please use the comment form below. Comments are moderated.*
Comments