Displaying configured IPsec policies

Use the following procedure to display IPsec policies.

Procedure

To enter User EXEC mode, log on to the switch.
Display all of the IPsec policies on the switch:

show ipsec policy all
Display a specific IPsec policy based on the policy name on the interface:

show ipsec policy interface WORD<1–32>
Display the IPsec policy based on the policy name:

show ipsec policy name WORD<1–32>

Example

Display IPsec policy information:

Switch:1>show ipsec policy all
=========================================================================
                               IPSEC Policy Table
=========================================================================
PolicyName          : ospf1
LocalAddress: 0::0
RemoteAddress: 0::0
Protocol: ospfv3
src-port: 0
dest-port: 0
Action: Permit
Admin: Enable

Switch:1>show ipsec policy interface ospf1

=========================================================================
                          IPsec Policy Interface Table
=========================================================================
-------------------------------------------------------------------------
POLICY NAME       InterfaceIndex            Policy State   Direction     
-------------------------------------------------------------------------
ospf1              2/3                           Enable      both

Switch:1>show ipsec policy name ospf1
=========================================================================
                               IPSEC Policy Table
=========================================================================
PolicyName          : ospf1
LocalAddress: 0::0
RemoteAddress: 0::0
Protocol: ospfv3
src-port: 0
dest-port: 0
Action: Permit
Admin: Enable

Variable Definitions

The following table defines parameters for the show ipsec policy command.


Variable	Value
all	Displays all of the IPsec policies on the switch.
interface `WORD<1–32>`	Displays a specific IPsec policy based on the policy name on the interface.
name `WORD<1–32>`	Displays the IPsec policy based on the name of the policy.

Job aid

The following table describes the fields in the output for the show ipsec policy all and show ipsec policy name commands.


Parameter	Description
PolicyName	Specifies the IPsec policy name.
LocalAddress	Specifies the local address. The default is 0::0.
RemoteAddress	Specifies the remote address. The default is 0::0.
Protocol	Specifies the protocol.
src-port	Specifies the source port.
dest-port	Specifies the destination port.
Action	Specifies the action as either: permit or drop.
Admin	Specifies whether the policy is enabled.

The following table describes the fields in the output for the show ipsec policy interface command.


Parameter	Description
POLICY NAME	Specifies the IPsec policy name.
InterfaceIndex	Specifies the interface.
Policy State	Specifies whether the policy is enabled.