Displaying configured IPsec policies

Use the following procedure to display IPsec policies.

Procedure

  1. To enter User EXEC mode, log on to the switch.
  2. Display all of the IPsec policies on the switch:

    show ipsec policy all

  3. Display a specific IPsec policy based on the policy name on the interface:

    show ipsec policy interface WORD<1–32>

  4. Display the IPsec policy based on the policy name:

    show ipsec policy name WORD<1–32>

Example

Display IPsec policy information:

Switch:1>show ipsec policy all
=========================================================================
                               IPSEC Policy Table
=========================================================================
PolicyName          : ospf1
LocalAddress: 0::0
RemoteAddress: 0::0
Protocol: ospfv3
src-port: 0
dest-port: 0
Action: Permit
Admin: Enable

Switch:1>show ipsec policy interface ospf1

=========================================================================
                          IPsec Policy Interface Table
=========================================================================
-------------------------------------------------------------------------
POLICY NAME       InterfaceIndex            Policy State   Direction     
-------------------------------------------------------------------------
ospf1              2/3                           Enable      both

Switch:1>show ipsec policy name ospf1
=========================================================================
                               IPSEC Policy Table
=========================================================================
PolicyName          : ospf1
LocalAddress: 0::0
RemoteAddress: 0::0
Protocol: ospfv3
src-port: 0
dest-port: 0
Action: Permit
Admin: Enable

Variable Definitions

The following table defines parameters for the show ipsec policy command.

Variable

Value

all

Displays all of the IPsec policies on the switch.

interface WORD<1–32>

Displays a specific IPsec policy based on the policy name on the interface.

name WORD<1–32>

Displays the IPsec policy based on the name of the policy.

Job aid

The following table describes the fields in the output for the show ipsec policy all and show ipsec policy name commands.

Parameter

Description

PolicyName

Specifies the IPsec policy name.

LocalAddress

Specifies the local address. The default is 0::0.

RemoteAddress

Specifies the remote address. The default is 0::0.

Protocol

Specifies the protocol.

src-port

Specifies the source port.

dest-port

Specifies the destination port.

Action

Specifies the action as either: permit or drop.

Admin

Specifies whether the policy is enabled.

The following table describes the fields in the output for the show ipsec policy interface command.

Parameter

Description

POLICY NAME

Specifies the IPsec policy name.

InterfaceIndex

Specifies the interface.

Policy State

Specifies whether the policy is enabled.