Step 3: Monitoring and Troubleshooting

Jamf Connect Documentation


Once both sides of the IPSec connection are configured, Jamf Security Cloud attempts to initiate the connection to the IP address you provided every 15 minutes.

You can monitor the status of the IPSec connection using the following commands:

show crypto ikev2 sa detailed

This command shows the detailed IKEv2 (Phase 1) security associations that have been successfully established between Jamf Security Cloud and the Cisco router. If no results are returned, Phase 1 could not be established and further IKEv2 troubleshooting is required.

show crypto ipsec sa
show crypto session

These commands show the IPSec (Phase 2) security associations between Jamf Security Cloud and your router. For any entries to appear here, an IKEv2 (Phase 1) security association must be present. If IKEv2 SAs exist but no IPSec SAs are present, you need to enable debugging of IPSec traffic.

debug crypto ikev2 packet
debug crypto ikev2 internal

These commands enable IKEv2 debugging to your defined logging destination. The Cisco document "Troubleshoot IOS IKEv2 Debugs for Site-to-Site VPN with PSKs" provides helpful information for analyzing the resulting logs and working towards resolving the misconfiguration.

debug crypto ipsec

This command enables detailed debugging that helps identify configuration issues during Phase 2 (IPSec / ESP) establishment of the Site-to-Site tunnel. The Cisco document "Understand and Use Debug Commands to Troubleshoot IPsec" provides useful tips for interpreting the logs.
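
The triage order described above, as an added example that is not part of the Jamf documentation: this Python script reads captured output of show crypto ikev2 sa detailed and show crypto ipsec sa and returns which debug step applies. The sample outputs and addresses are constructed, and the parsing assumes the usual IOS layout (a READY status column for established IKEv2 SAs and spi: lines under the ESP sections).

```python
import re

# Constructed sample of "show crypto ikev2 sa detailed" (documentation-range addresses).
IKEV2_SAMPLE = """\
 IPv4 Crypto IKEv2  SA
Tunnel-id Local                 Remote                fvrf/ivrf            Status
1         192.0.2.10/500        198.51.100.20/500     none/none            READY
      Encr: AES-CBC, keysize: 256, PRF: SHA256, Hash: SHA256, DH Grp:14, Auth sign: PSK, Auth verify: PSK
      Life/Active Time: 86400/312 sec
"""

# Constructed sample of "show crypto ipsec sa" where Phase 2 never came up (no SPIs listed).
IPSEC_SAMPLE_NO_SA = """\
interface: Tunnel0
    Crypto map tag: Tunnel0-head-0, local addr 192.0.2.10
   current_peer 198.51.100.20 port 500
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
     inbound esp sas:

     outbound esp sas:
"""

# Assumed layout: "<id> <local>/<port> <remote>/<port> <fvrf/ivrf> <status>" per SA row.
IKE_ROW = re.compile(r"^\s*\d+\s+(\S+)/\d+\s+(\S+)/\d+\s+\S+\s+(\S+)\s*$", re.M)
SPI = re.compile(r"^\s*spi:\s*0x[0-9A-Fa-f]+", re.M)

def ready_ike_peers(ikev2_output):
    """Return remote addresses of IKEv2 SAs whose status is READY."""
    return [remote for _local, remote, status in IKE_ROW.findall(ikev2_output) if status == "READY"]

def esp_sa_counts(ipsec_output):
    """Count SPIs listed under the inbound and outbound ESP sections."""
    counts = {"inbound": 0, "outbound": 0}
    for direction in counts:
        m = re.search(rf"{direction} esp sas:(.*?)(?=\n\s*(?:inbound|outbound) \w+ sas:|\Z)", ipsec_output, re.S)
        if m:
            counts[direction] = len(SPI.findall(m.group(1)))
    return counts

def triage(ikev2_output, ipsec_output):
    """Map the two command outputs to the next step the page describes."""
    if not ready_ike_peers(ikev2_output):
        return "phase1-down: debug crypto ikev2 packet / debug crypto ikev2 internal"
    counts = esp_sa_counts(ipsec_output)
    if counts["inbound"] == 0 or counts["outbound"] == 0:
        return "phase2-down: debug crypto ipsec"
    return "tunnel-up"
```

Calling triage(IKEV2_SAMPLE, IPSEC_SAMPLE_NO_SA) returns the Phase 2 result, matching the case where IKEv2 SAs exist but no IPSec SAs are present.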