I am reading up on l2l tunnels(ikev1&2) and had a question which I wasnt able to figure out.
Looking at an existing ASA config, how do I figure out what crypto ikev1 policy is the tunnel configured to use, in case:
- When a tunnel is up (
show vpn-sessiondb detail l2l) - When a tunnel is not up (from running config?)
I know that the policies are sequenced and Prioritized but I am trying to find out which configured tunnels are using deprecated DH Groups(2,5) so I could create a database of tunnels that need to be updated .
No comments:
Post a Comment