Use this command to display IPsec flow information.
| spi spi | (Optional) Filters the display by the specified SPI. |
| instance_id instance_id | (Optional) Filters the display based upon the IPsec instance ID. |
| index index | (Optional) Filters the display based upon the instance index. |
| ipv4 | ipv6 | (Optional) Filters the display based upon either IPv4 or IPv6 addressing. |
| brief | (Optional) Displays a summary version of IPsec flow information |
If no option is specified, all IPsec flows are displayed.
All command modes.
The SA SPI, index, and instance IDs for all SAs are available by entering the show ipsec sa or show ipsec flow commands without specifying an option.
The current release only supports the manual configuration of a default instance, specified as either default or 0. An instance ID above 64 is dynamically created when you provision authentication or encryption for OSPFv3.
This example shows how to display all IPsec information for all flows:
System(su)->show ipsec flow IPSec IPv6 Flow 10 (Associated SA index 4): Type: use Protocol: udp Source Port: any Destination Port: any Direction: egress Persistence: dynamic Active: yes Priority: -50 Instance Id: default Source IP: 2001::1/128 Destination IP: 2001:4094::8c3c:6041:22ff:6cb0/128 IPSec IPv6 Flow 11 (Associated SA index 8): Type: use Protocol: udp Source Port: any Destination Port: any Direction: ingress Persistence: dynamic Active: yes Priority: -50 Instance Id: default Source IP: 2001:4094::8c3c:6041:22ff:6cb0/128 Destination IP: 2001::1/128 Number of flows displayed: 2
Print
this page
Email this topic
Feedback
View PDF
Download EPUB