Display Switch Level Statistics for IPsec-Enabled Interfaces

Use this procedure to view IPsec statistics and counter values at the switch level for all IPsec-enabled interfaces.

Procedure

  1. In the navigation pane, expand Configuration > Security > Control Path.
  2. Click IPSec.
  3. Click the Global Stats tab.

Global Stats Field Descriptions

Use the data in the following table to use the Global Stats tab.

Name

Description

InSuccesses

Specifies the number of ingress packets IPsec successfully carries.

InSPViolations

Specifies the number of ingress packets IPsec discards since boot time because of a security policy violation.

InNotEnoughMemories

Specifies the number of ingress packets IPsec discards since boot time because not enough memory is available.

InAHESPReplays

Specifies the number of ingress packets IPsec discards since boot time because the AH replay check fails.

InESPReplays

Specifies the number of ingress packets IPsec discards since boot time because the ESP replay check fails.

InAHFailures

Specifies the number of ingress packets IPsec discards since boot time because the AH authentication check fails.

InESPFailures

Specifies the number of ingress packets IPsec discards since boot time because the ESP authentication check fails.

OutSuccesses

Specifies the number of egress packets IPsec successfully carries since boot time.

OutSPViolations

Specifies the number of egress packets IPsec discards since boot time because a security policy violation occurs.

OutNotEnoughMemories

Specifies the number of egress packets IPsec discards since boot time because not enough memory is available since boot time.

generalError

Specifies a general error.

InAHSuccesses

Specifies the number of ingress packets IPsec carries because the AH authentication succeeds.

OutAHSuccesses

Specifies the number of egress packets IPsec successfully carries since boot time.

InESPSuccesses

Specifies the number of ingress packets IPsec carries since boot time because the ESP authentication succeeds.

OutESPSuccesses

Specifies the number of egress packets IPsec successfully carries since boot time.

OutKBytes

Specifies the total number of kilobytes on egress.

OutBytes

Specifies the total number of bytes on egress.

InKBytes

Specifies the total number of bytes on ingress.

InBytes

Specifies the total number of bytes on ingress.

TotalPacketsProcessed

Specifies the total number of packets processed.

TotalPacketsByPassed

Specifies the total number of packets bypassed.

OutAHFailures

Specifies the number of egress packets IPsec discards since boot time because the AH authentication check fails.

OutESPFailures

Specifies the number of egress packets IPsec discards since boot time because the ESP authentication check fails.

InMD5Hmacs

Specifies the number of inbound HMAC MD5 occurrences since boot time.

InSHA1Hmacs

Specifies the number of inbound HMAC SHA1 occurrences since boot time.

InAESXCBCs

Specifies the number of inbound AES XCBC MAC occurrences since boot time.

InAnyNullAuth

Specifies the number of inbound null authentication occurrences since boot time.

In3DESCBCs

Specifies the number of inbound 3DES CBC occurrences since boot time.

InAESCBCs

Specifies the number of inbound AES CBC occurrences since boot time.

InAESCTRs

Specifies the number of inbound AES CTR occurrences since boot time.

InAnyNulEncrypt

Specifies the number of inbound null occurrences since boot time. Used for debugging purposes.

OutMD5Hmacs

Specifies the number of outbound HMAC MD5 occurrences since boot time.

OutSHA1Hmacs

Specifies the number of outbound HMAC SHA1 occurrences since boot time.

OutAESXCBCs

Specifies the number of outbound AES XCBC MAC occurrences since boot time.

OutInAnyNullAuth

Specifies the number of outbound null authentication occurrences since boot time.

Out3DESCBCs

Specifies the number of outbound 3DES CBC occurrences since boot time.

OutAESCBCs

Specifies the number of outbound AES CBC occurrences since boot time.

OutAESCTRs

Specifies the number of outbound AES CTR occurrences since boot time.

OutInAnyNullEncrypt

Specifies the number of outbound null occurrences since boot time. Used for debugging purposes.