Which command verifies phase 1 of an IPsec VPN on a Cisco router?

Which command verifies phase 1 of an IPsec VPN on a Cisco router?When a problem exist with the connectivity, even phase 1 of VPN does not come up. On the ASA, if connectivity fails, the SA output is similar to this example, which indicates possibly an incorrect crypto peer configuration and/or incorrectISAKMP proposal configuration:Router#show crypto isakmp sa1 IKE Peer: XX.XX.XX.XXType : L2L Role : initiatorRekey : no State : MM_WAIT_MSG2Reference: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/81824-common-ipsec-trouble.html

Question:

Which command verifies phase 1 of an IPsec VPN on a Cisco router?

Options:

show crypto map

show crypto ipsec sa

show crypto isakmp sa

show crypto engine connection active

Correct Answer

The Correct Answer for this Question is

show crypto isakmp sa

Leave a Comment