- Products
- Learn
- Local User Groups
- Partners
- More
The State of Ransomware Q1 2026
Key Trends and Their Impact
Good, Better, Best:
Prioritizing Defenses Against Credential Abuse
AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
K, lets start with the basics here. What do you see for phase 1 and 2? What about the other end? Its been a while since I worked on Cisco ASA, but I know you can check the status from ASDM, as well as ssh
I attached a file with some commands guy I used to work with gave me (he worked for Cisco TAC in India)
On CP side, you can run vpn tu and check ike and ipsec state, as well as vpn tu tlist -p ex_cisco_ip, so say vpn tu tlist -p 1.2.3.4
Also, on cp end, you can run below basic debugs:
vpn debug trunc
vpn debug ikeon
-generate traffic
-wait little bit, then run vpn debug ikeoff
get ike.elg and vpnd.elg from $FWDIR/log
examine and see if anything interesting
Hope that helps.
Andy
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
