The Complete Cisco VPN Configuration Guide

ISAKMP/IKE Phase 2 Connections

In this section I’ll discuss some security appliance commands you can use to troubleshoot ISAKMP/IKE Phase 2 connections. I’ll begin by briefly describing the commands you can use and then, in later sections, I’ll discuss some of these commands in more depth.

Overview of the Phase 2 Commands

If you’re experiencing problems with establishing IPsec data connections with an IPsec peer, you could use several PIX/ASA commands to help pinpoint the problem. Here’s a brief summary of these commands:

show crypto engine [verify]— Displays the usage statistics for the appliance’s crypto engine (FOS 6.x only); the verify parameter runs the Known Answer Test (KAT), which checks the integrity of the cryptography engine used ...

Get The Complete Cisco VPN Configuration Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The Complete Cisco VPN Configuration Guide by Richard Deal

ISAKMP/IKE Phase 2 Connections

Overview of the Phase 2 Commands

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly