Wednesday, January 10, 2007

Router: Test Crypto Initiate-session Command

It used to be that the only way to initiate VPN establishment was to pass traffic matching the crypto ACLs. The usual approach is to ping the remote network from a host behind the router. But there are cases where you don't have access to any of the computers on either side of the tunnel.
By using the test crypto initiate-session command, you can bring up the tunnel manually from the router itself.

The syntax is
test crypto initiate-session src-ip-addr dst-ip-addr map-name seq-num


After issuing this command, use the show crypto cisco connections command to verify the status of the connection just created.



Router1# show crypto cisco connections
Connection Table
PE              UPE             Conn_id  New_id  Alg   Time
192.168.3.10    192.168.204.100 1        0       10    Mar 01 1993 00:02:00
                flags:TIME_KEYS

If the Conn_id is a positive value, the VPN session is established.

Note that this only verifies your VPN configuration, so you still have to check your routing, NAT and ACL configuration to make sure that packets are correctly routed and encrypted.
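The Conn_id check described above can be scripted when you collect this output from many routers. The following is an added example, not part of the original post: the function names are hypothetical, the first table row is the output shown above, and the second row (negative Conn_id, no flags line) is constructed to show the non-established case.

```python
import re

# Constructed sample: row 1 is the post's own output; row 2 is a made-up
# entry with a negative Conn_id and no flags line.
SAMPLE = """\
Router1# show crypto cisco connections
Connection Table
PE UPE Conn_id New_id Alg Time
192.168.3.10 192.168.204.100 1 0 10 Mar 01 1993 00:02:00
flags:TIME_KEYS
192.168.3.10 192.168.205.100 -1 1 0 Not Set
"""

IP = r"\d{1,3}(?:\.\d{1,3}){3}"
ROW = re.compile(
    rf"^\s*(?P<pe>{IP})\s+(?P<upe>{IP})\s+(?P<conn_id>-?\d+)\s+"
    r"(?P<new_id>-?\d+)\s+(?P<alg>\d+)\s+(?P<time>.+?)\s*$"
)
FLAGS = re.compile(r"^\s*flags:\s*(?P<flags>\S+)")

def parse_connections(text):
    """Return one dict per connection-table row; flags attach to the row above."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            row = m.groupdict()
            row["conn_id"] = int(row["conn_id"])
            row["new_id"] = int(row["new_id"])
            row["flags"] = None
            rows.append(row)
            continue
        f = FLAGS.match(line)
        if f and rows:
            rows[-1]["flags"] = f.group("flags")
    return rows

def established(row):
    # Per the post: a positive Conn_id means the session is established.
    return row["conn_id"] > 0

def tunnel_up(text, pe, upe):
    """True only if a row for this PE/UPE pair exists and is established."""
    return any(r["pe"] == pe and r["upe"] == upe and established(r)
               for r in parse_connections(text))

if __name__ == "__main__":
    for r in parse_connections(SAMPLE):
        state = "established" if established(r) else "not established"
        print(f'{r["pe"]} -> {r["upe"]} conn_id={r["conn_id"]} {state}')
```

A missing row is reported the same way as a non-positive Conn_id, so a tunnel that never attempted to come up is not mistaken for a healthy one.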
