Question about Cisco ASA 5520 Firewall

1 Answer

What command do i run to show IpSec tunnel status on ASA 5520

Posted by on

Ad

1 Answer

  • Level 1:

    An expert who has achieved level 1.

    New Friend:

    An expert that has 1 follower.

    Corporal:

    An expert that hasĀ over 10 points.

  • Contributor
  • 4 Answers

Show ipsec stats
this command was introduced in code 7.0
it will show the active tunnels, the previous tunnels and several other stats of inbound and outbound packets.....
for example:- IPsec Global Statistics ----------------------- Active tunnels: 2 Previous tunnels: 9 Inbound Bytes: 4933013 Decompressed bytes: 4933013 Packets: 80348 Dropped packets: 0 Replay failures: 0 Authentications: 80348 Authentication failures: 0 Decryptions: 80348 Decryption failures: 0 Decapsulated fragments needing reassembly: 0 Outbound Bytes: 4441740 Uncompressed bytes: 4441740 Packets: 74029 Dropped packets: 0 Authentications: 74029 Authentication failures: 0 Encryptions: 74029 Encryption failures: 0 Fragmentation successes: 3 Pre-fragmentation successes:2 Post-fragmentation successes: 1 Fragmentation failures: 2 Pre-fragmentation failures:1 Post-fragmentation failures: 1 Fragments created: 10 PMTUs sent: 1 PMTUs recvd: 2 Protocol failures: 0 Missing SA failures: 0 System capacity failures: 0

Posted on Dec 12, 2010

Ad

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE:

Hi there,
Save hours of searching online or wasting money on unnecessary repairs by talking to a 6YA Expert who can help you resolve this issue over the phone in a minute or two.

Best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.

Here's a link to this great service

Good luck!

Posted on Jan 02, 2017

Ad

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

I need help with cisco asa 5505 ssl vpn.. ssl


The total sum of the Inside/Outside/ and pool address add up to 5,265. Subtract 10% and multiply by 260 to get the gender aspect of the original formula. Move the Network address to Google and download the residual code offered by the program that appears in the open window. Enter the code in the appropriate space provided and this will solve the problem by late 2015.

Oct 09, 2013 | Cisco ASA 5505 Firewall

1 Answer

ASA VPN setup


this has been nicely explained here:

http://www.computerfreetips.com/Cisco_router_tips/ASA-VPN-tunnel.html

Feb 23, 2012 | Cisco ASA Computers & Internet

1 Answer

Need some basic show command to troubleshoot


mode exec user Router)
ping ip
show ip route
show version
traceroute ip

mode exec priveligiado
show arp
show interface
show protcols
show ip protocols
show startup-config
erase startup-config
reload

Jul 27, 2010 | Cisco ASA 5520 Firewall

1 Answer

Ipsec problem in asa


Use the ping command to check the network or find whether the application server is reachable from your network. It can be a problem with the maximum segment size (MSS) for transient packets that traverse a router or PIX/ASA device, specifically TCP segments with the SYN bit set.

Jan 22, 2010 | Cisco ASA 5510 Firewall

1 Answer

IPSEC problem between ASA and Microsoft ISA


can you try lower encryption levels on each device and see if that helps? sometimes it is neccesary between Cisco and other devices.

May 18, 2009 | Cisco ASA 5510 Firewall

1 Answer

Hello all can you please help me on how to restore the configuration of my ASA 5520? thanx


If you are going for factory reset use the following commands

asa>enable
asa#write erase
asa#reload

Dont save the configuration when it prompts for it.

if you want to restore the configuration from the backup

1. You need to have a TFTP server
2. Locate the config file on your TFTP server
3. TFTP server should be reachable from ASA

then

asa#copy tftp flash

give the tftp server ip address
give the configuration file name (as exactly on the TFTP server)

reload


Apr 01, 2009 | Cisco ASA 5520 Firewall

1 Answer

I need a L2TP configuration for my PIX 515 and ASA 5505


You can do this, For your ref i hv given you a link

http://channel9.msdn.com/forums/9GuyAroundTheWorld/251722-Cisco-Pix-to-Windows-Vista-Native-Client-Using-L2TP-IPSec/


Mar 01, 2009 | Cisco ASA 5500 Firewall

2 Answers

Problem in installing the asdm image ASA 5520 ver 7.1


I had this same issue on my ASA 5520.

1. Copy the config and IOS image to a tftp server.
2. Format flash (disk0)
3. set rommon server, ip addy, and file settings.
4. tftpdnld
5. Once the system has booted to the image copy the asa image file, asdm image file, and config to flash
6. configure asdm image default location and reload

Feb 27, 2008 | Cisco ASA 5520 Firewall

1 Answer

VPN


This example will demonstrate how to create a Virtual private Network (VPN) between two remote locations through the Internet. The VPN policy will use 3DES IPSec to securely send/receive encrypted data over the Internet. When the VPN tunnel is enabled, the two offices will virtually appear to be on the same local network. This example will consist of two DI-804V VPN Routers with a simple setup. The two remote offices in this example will be known as Office A and Office B. Both VPN Routers must already be set up and able to access each other. This is only an example, your setup will vary using the WAN IP address provided by your ISP. Please note the differences in the IP addresses for each office. We will begin by configuring the DI-804V at Office A. Start by going into VPN Settings under the Basic Setup menu. Step 1. In the Connection Name field, type in OfficeA. Click ADD. Step 2. A properties screen will appear for the new connection you have made. Fill in the appropriate information for Office A: Connection Name: OfficeA Local IPSEC Identifier: Local Remote IPSEC Identifier: Remote Remote IP Network: 192.168.1.0 Remote IP Netmask: 255.255.255.0 Remote Gateway IP: 192.170.0.2 Network Interface: WAN ETHERNET Secure Association: IKE Perfect Forward Secure: Enabled PreShared Key: 123456 Key Life: 28800 IKE Life Time: 3600 Step 3 Click SAVE. There should now be a VPN policy created for Office A. Now you will want to Save & Restart the DI-804V. Note: 123456 is an example of a preshared key, please fill in any secret preshared key you desire. Keep in mind that both sites require the same preshared key. Office A setup is now complete, we will now configure Office B with the other DI-804V, Follow the same steps previously with Ofice A to create a VPN policy. Step 1 Please change the appropriate information. Connection Name: OfficeB Local IPSEC Identifier: Local Remote IPSEC Identifier: Remote Remote IP Network: 192.168.0.0 Remote IP Netmask: 255.255.255.0 Remote Gateway IP: 192.170.0.1 Network Interface: WAN ETHERNET Secure Association: IKE Perfect Forward Secure: Enabled PreShared Key: 123456 Key Life: 28800 IKE Life Time: 3600 Step 2 Click SAVE. There should now be a VPN policy created for Office B. Now you will want to Save & Restart the DI-804V. After the VPN policies have been created for the two Offices, the two remote locations should authenticate and connect. To view the status of the VPN connection, go to the Device Status menu. On the bottom-left side of the menu, click on the VPN Status icon. A VPN Status pop-up screen will appear showing VPN connection status. If a VPN tunnel is active, the State should indicate Q-Estab. Go to a DOS prompt and ping the internal IP address of the remote network.

Feb 16, 2006 | D-Link DI 804V (DI-804V) Router

Not finding what you are looking for?
Cisco ASA 5520 Firewall Logo

1,001 people viewed this question

Ask a Question

Usually answered in minutes!

Top Cisco Computers & Internet Experts

Prashant M
Prashant M

Level 3 Expert

2277 Answers

Ekse

Level 3 Expert

13434 Answers

Jeffrey Groves
Jeffrey Groves

Level 3 Expert

573 Answers

Are you a Cisco Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...