Hey again, I'd like some help with interpreting the following output so that I can understand it better. The IP Address of the local peer that the output is captured from is 10.100.10.1 and the remote peer is 10.100.3.3
CCIELAB-ROUTER-R1#show crypto engine conn active Crypto Engine Connections ID Type Algorithm Encrypt Decrypt IP-Address 1001 IKE MD5+3DES 0 0 10.100.10.1 *2001* IPsec 3DES+MD5 0 5 10.100.10.1 *2002* IPsec 3DES+MD5 9 0 10.100.10.1 What do the IDs 2001 and 2002 highlighted above mean? I know that the ID 1001 is the connection ID (ISAKMP SA) as displayed in the output below. Would the 2001 and 2002 IDs above be the two unidirectional IPSEC SAs that are establised at the end of IKE Phase 2? CCIELAB-ROUTER-R1#show crypto isa sa IPv4 Crypto ISAKMP SA dst src state conn-id status 10.100.3.3 10.100.10.1 QM_IDLE 1001 ACTIVE Thanks, Mark
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
