Today I was troubleshooting an IPsec VPN and needed to check the status of the VPN connection and if the hardware crypto card/acceleration was being utilized or offloaded to the CPU/Software.
From the CLI:
diag VPN tunnel list name <name of IPsec Tunnel>
Watch/sniff packets, much like a tcpdump:
diag sniffer packet <name of IPsec Tunnel> "" 4 50 l
Show Routing Table Info:
get router info routing table all
Show state of Hardware Acceleration:
diagnose VPN ipsec status
No comments:
Post a Comment