1、硬件,软件和进程检查
show cpuload
show memory
show inventory
show switchinfo
show processes
show image version
show datapath utilization2、L2/L3 信息
show ip interface brief
show ip route
show interface fastethernet <slot>/<port>
show interface fastethernet <slot>/<port> switchport
show interface vlan <vlanid>
show interface counters
show arp
show datapath route table
show datapath route-cache table
show datapath bridge table
show datapath bridge counters
show datapath frame counters
show datapath crypto counters3、Local与master通信中断排错流程图
3.1基本命令
# show datapath tunnel tableAOS 6.x GRE隧道 – 隧道是双向的。 编号目前如下:
*8000 — shared split tunnel
*8080 — 651/653 internal AP FW
*8100 — Ethernet port 1 (70/2E/12x/RAP-2WG/RAP-5x)
*8101 — Ethernet port 2 (RAP-5x)
*8102 — Ethernet port 3 (RAP-5x)
*8103 — Ethernet port 4 (RAP-5x)
*8180 — Ethernet port 0 (mesh points)
*82×0 — BSSIDs on radio 0
*83×0 — BSSIDs on radio 1
3.2查找入站和出站IPSec隧道情况
#show crypto isakmp sa
#show log security查看
IKE Aggressive Mode Phase 1 succeeded for peer <ip address> ike_quick_mode.c:checkIpsecSelectors_LocalMaster:3601 ipsec_map peer IP:0.0.0.0 SA IP:<ip address> map_name default-local-master-ipsecmap
错误的IKE密码
#logging level debugging security subcat ike查看是否有如下显示
IKE Phase 1 hash mistmatch.
3.3VRRP 问题
查看admin状态,VR状态,发送和接收的通告,失败的验证等
show vrrp 1 statistics
show log network
Thanks