On the concentrator I would go into Monitoring-Filterable Event Log and
change the address to be the remote IP address. See if it gathers any
errors.

On the PIX, there are several commands.
1) Show Crypto Engine. This command will show you if it thinks a tunnel is
up.
2) Show crypto ipsec sa. Show the SA that has been negotiated with the VPN
concentrator.
3) Show crypto isakmp policy. Make sure that both devices agree on the
isakmp policy completely. 
4) Debug Crypto isakmp. Make sure you have logging debug enabled! Also, if
this is a very active PIX, you will need to redirect this to a syslog server
and then parse that file.
5) debug crypto ipsec sa (verify on your PIX). Same as above on logging.

I found a very good book that will go over what it is you're doing and some
common mistakes.
It's brand new (2002). Cisco Secure Virtual Private Networks.
I am in no way affiliated with the author or Cisco Press, I just found it an
excellent book for those wanting to really understand IPSec.


Thanks

Larry Roberts CCNP
Expanets
5758 W. 74th St.
Indianapolis IN 46278
317.870.2550 Office
317.402.9730 Cell
317.876-6518 Fax 

 

-----Original Message-----
From: Patrick Donlon [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, February 07, 2002 7:50 AM
To: [EMAIL PROTECTED]
Subject: IPSec tunnels [7:34742]


Hi All

I'm looking for some information on how to verify the configuration of a PIX
with an IPsec tunnel to a VPN concentrator. I have a tunnel that keeps
bouncing, I think that instabilities across the internet could be causing
some of the problems as I see the path changing quite a lot from the
Netherlands to Dubai. I can't find the command(s), or understand the ones
I've used, which tells me whether the tunnel is up on the PIX, I can see
from the concentrator that it's down but I want to know about the PIX too.
Any other advice is appreciated.

Cheers

Pat




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=34749&t=34742