Which command should be used to identify the peer from which that route originated?

A rogue static route is installed in the routing table of a Cisco FlexVPN and is causing traffic to be blackholed. Which command should be used to identify the peer from which that route originated?
A. show crypto ikev2 sa detail
B. show crypto route
C. show crypto ikev2 client flexvpn
D. show ip route eigrp
E. show crypto isakmp sa detail

cisco-exams

4 thoughts on “Which command should be used to identify the peer from which that route originated?

  1. The correct answer is B
    https://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_vpnav/configuration/15-2mt/sec-rev-rte-inject.html#GUID-BCCF0AD5-FA94-433E-880C-2E0EC63315DC

    outer# show crypto route

    VPN Routing Table: Shows RRI and VTI created routes
    Codes: RRI – Reverse-Route, VTI- Virtual Tunnel Interface
    S – Static Map ACLs
    Routes created in table GLOBAL DEFAULT
    192.168.6.2/255.255.255.255 [0/0] via 10.0.0.133
    on Virtual-Access3 RRI
    10.1.1.0/255.255.255.0 [10/0] via Virtual-Access2 VTI
    192.168.6.1/255.255.255.255 [0/0] via Virtual-Access2 VTI

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.