Verify AWS

Verify that there is an ISAKMP security association between the peers

  1. Verify that you are connected via VPN to your MacStadium private cloud.
    For more information about how to connect to the VPN, see Connecting to Your Cloud (via VPN).
  2. Run Cisco ASDM-IDM and log in.
    For more information about how to log in to your firewall, see Logging into Your Cisco Firewall.
  3. In the Cisco ASDM-IDM application toolbar, select Tools > Command Line Interface....
  1. Select Single Line, enter the following command, and click Send.
show crypto isakmp sa

If the site-to-site VPN connection is configured properly, you should see information about an active IKEv1.

For more information about this verification command, see Cisco Documentation: show crypto isakmp sa.

Verify that there is an IPsec security association between peers

  1. Verify that you are connected via VPN to your MacStadium private cloud.
    For more information about how to connect to the VPN, see Connecting to Your Cloud (via VPN).
  2. Run Cisco ASDM-IDM and log in.
    For more information about how to log in to your firewall, see Logging in to Your Cisco Firewall.
  3. In the Cisco ASDM-IDM application toolbar, select Tools > Command Line Interface....
  1. Select Single Line, enter the following command, and click Send.
show crypto ipsec sa

If the site-to-site VPN connection is configured properly, you should see a detailed log.

For more information about this verification command, see Cisco Documentation: show crypto ipsec sa.

Verify that one tunnel is up

  1. Log in to your AWS Management Console and access your VPC service.
  2. In the top right corner of the screen, make sure that you're working in the correct region.
  3. In the sidebar, locate the Virtual Private Network menu and select Site-to-Site VPN Connections.
  1. Select your VPN from the list and inspect the details at the bottom of the screen.
  2. Click Tunnel Details and verify that one of the tunnels is up.

Test traffic and visibility through the tunnel

Follow the instructions provided in Amazon VPC Documentation: How to Test the Customer Gateway Configuration.

Troubleshooting

See Common Issues with AWS-MacStadium Site-to-Site VPN Connections and Troubleshooting.

Updated 9 months ago


Verify AWS


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.