View IPSec Statistics

Use the following procedure to clear Internet Protocol Security (IPSec) system statistics counters and view IPSec statistics on an interface. The device only clears system statistics counters on system reboot.

Procedure

  1. To enter User EXEC mode, log on to the switch.
  2. View IPSec statistics for the system:

    show ipsec statistics system

  3. View IPSec statistics for an Ethernet interface:

    show ipsec statistics gigabitethernet {slot/port[/sub-port][-slot/port[/sub-port]][,...]}

  4. View IPSec statistics for a VLAN interface:

    show ipsec statistics vlan <1–4059>

  5. View statistics for IPSec on the management interface:

    show ipsec statistics mgmtethernet <mgmt | mgmt2>

    Note

    Note

    This step applies to VSP 8600 Series only.

  6. View statistics for IPSec on the loopback interface:

    show ipsec statistics loopback <1–256>

  7. Clear IPSec system statistics counters:

    clear ipsec stats all

Example

View IPSec statistics. Output is partial due to length.

Switch:1>show ipsec statistics system

================================================================================
                            IPSEC Global Statistics
================================================================================
InSuccesses          = 0
InSPViolations       = 0
InNotEnoughMemories  = 0
InAHESPReplays       = 0
InAHFailures         = 0
InESPFailures        = 0
OutSuccesses         = 0
OutSPViolations      = 0
OutNotEnoughMemories = 0
generalError         = 0
InAHSuccesses        = 0
InESPSuccesses       = 0
OutAHSuccesses       = 0
OutESPSuccesses      = 0
OutKBytes            = 0
OutBytes             = 0
InKBytes             = 0
InBytes              = 0
--More-- (q = quit)

Switch:1>show ipsec statistics gigabitethernet 1/13

================================================================================
                              Ipsec  Port  Stats
================================================================================
Ifindex              = 204
InSuccesses          = 0
InSPViolations       = 0
InNotEnoughMemories  = 0
InAHESPReplays       = 0
InAHFailures         = 0
InESPFailures        = 0
OutSuccesses         = 0
OutSPViolations      = 0
OutNotEnoughMemories = 0
generalError         = 0

Switch:1>show ipsec statistics vlan 1

================================================================================
                               Ipsec  Vlan  Stats
================================================================================
Ifindex              = 2049
InSuccesses          = 0
InSPViolations       = 0
InNotEnoughMemories  = 0
InAHESPReplays       = 0
InAHFailures         = 0
InESPFailures        = 0
OutSuccesses         = 0
OutSPViolations      = 0
OutNotEnoughMemories = 0
generalError         = 0

View IPSec statistics for a loopback interface:

Switch:1>show ipsec statistics loopback 1

================================================================================
                             Ipsec  LoopBack  Stats

================================================================================
Ifindex              = 1344
InSuccesses          = 0
InSPViolations       = 0
InNotEnoughMemories  = 0
InAHESPReplays       = 0
InESPReplays         = 0
InAHFailures         = 0
InESPFailures        = 0
OutSuccesses         = 0
OutSPViolations      = 0
OutNotEnoughMemories = 0
generalError         = 0
Switch:1>show ipsec statistics mgmtethernet mgmt

================================================================================
                              Ipsec  Port  Stats
================================================================================
Ifindex              = 64
InSuccesses          = 0
InSPViolations       = 0
InNotEnoughMemories  = 0
InAHESPReplays       = 0
InESPReplays         = 0
InAHFailures         = 0
InESPFailures        = 0
OutSuccesses         = 0
OutSPViolations      = 0
OutNotEnoughMemories = 0
generalError         = 0
Switch:1>show ipsec statistics mgmtethernet mgmt2

================================================================================
                              Ipsec  Port  Stats
================================================================================
Ifindex              = 128
InSuccesses          = 0
InSPViolations       = 0
InNotEnoughMemories  = 0
InAHESPReplays       = 0
InESPReplays         = 0
InAHFailures         = 0
InESPFailures        = 0
OutSuccesses         = 0
OutSPViolations      = 0
OutNotEnoughMemories = 0
generalError         = 0

Variable Definitions

Use the data in the following table to use the show ipsec statistics command.

Variable

Value

{slot/port[/sub-port][-slot/port[/sub-port]][,...]}

Identifies the slot and port in one of the following formats: a single slot and port (slot/port), a range of slots and ports (slot/port-slot/port), or a series of slots and ports (slot/port,slot/port,slot/port). If the platform supports channelization and the port is channelized, you must also specify the sub-port in the format slot/port/sub-port.

loopback <1–256>

Identifies the loopback interface.

mgmtethernet < mgmt | mgmt2>

Note:

Exception: only supported on VSP 8600 Series.

Identifies the interface as the management interface.

system

Shows statistics for the entire system.

vlan <1-4059>

Specifies the VLAN.