Use this command to display IPsec SA information.
| spi spi | (Optional) Filters the display by the specified Security Parameter Index (SPI). |
| instance_id instance_id | (Optional) Filters the display based upon the IPsec instance ID. |
| index index | (Optional) Filters the display based upon the SA index. |
| ipv4 | ipv6 | (Optional) Filters the display based upon either IPv4 or IPv6 addressing. |
| brief | (Optional) Displays a summary version of IPsec SA information |
If no option is specified, all IPsec SAs are displayed.
All command modes.
SA SPI, index, and instance IDs for all SAs are available by entering the show ipsec sa or show ipsec flow commands without specifying an option.
The current release only supports the manual configuration of a default instance, specified as either default or 0. An instance ID above 64 is dynamically created when you provision authentication or encryption for OSPFv3.
This example shows how to display all IPsec counters :
System(su)->>show ipsec sa IPSec IPv6 SA (Index: 4) SPI: 1915327043 (0x72299243) Source IP: 2001::1 Destination IP: 2001:4094::8c3c:6041:22ff:6cb0 IPSec Protocol: esp Direction: egress Persistence: dynamic Active: yes Instance Id: default Vrf Id: 0 Number of Flows: 1 Encap Mode: transport Auth Algorithm: sha1-hmac Cipher Algorithm: aescbc IPSec IPv6 SA (Index: 8) SPI: 574398787 (0x223ca143) Source IP: 2001:4094::8c3c:6041:22ff:6cb0 Destination IP: 2001::1 IPSec Protocol: esp Direction: ingress Persistence: dynamic Active: yes Instance Id: default Vrf Id: 0 Number of Flows: 1 Encap Mode: transport Auth Algorithm: sha1-hmac Cipher Algorithm: aescbc Number of SAs displayed: 2
Print
this page
Email this topic
Feedback
View PDF
Download EPUB