Display the configured IKE policies
show ike policy
show ike policy WORD<1–32> laddr WORD<1–256>
show ike policy WORD<1–32> laddr WORD<1–256> raddr WORD<1–256>
None
User EXEC
The show ike policy command displays the following information:
|
Output field |
Description |
|---|---|
|
Policy Name |
Specifies the name of the policy that is displayed. |
|
Addr Type |
Specifies whether the IP address is an IPv4 or IPv6 address. |
|
Local Address |
Specifies the local IPv4 or IPv6 address. |
|
Remote Address |
Specifies the remote IPv4 or IPv6 address. |
|
Profile Name |
Specifies the name of the profile. |
|
Profile version |
Specifies the version of the profile, version 1 or version 2. |
|
Auth-Method |
Specifies the authentication method. The supported values are digital-certificate and pre-shared-key. |
|
Pre-Shared Key |
Specifies the pre-shared key value. |
|
Revocation-Check Method |
Specifies the revocation check method as OCSP, CRL or none. |
|
Peer-identity name |
Specifies peer identity name for IKE phase 1. |
|
DPD Timeout |
Specifies the Dead-peer detection timeout in seconds. The supported value ranges from 1 to 4294967295 seconds. |
|
Admin State |
Specifies whether the IKE admin state is enabled or disabled. |
|
Oper State |
Specifies whether the policy is operational or not. The values are up and down. |
|
P2 PFS |
Specifies whether Phase 2 perfect forward secrecy is enabled or not. |
|
Use IKE DH Grp |
Specifies whether IKE can use the DH group or not. The values are enable and disable. |
|
DH Group |
Specifies the type of DH group selected. The supported values are modp768, modp1024, and modp2048. |
|
IntfId |
Specifies the ID of the interface on which the policy is applied. |