Display IKE V2 Security Association

Use the following procedure to view the IKE version 2 security association.

Procedure

  1. In the navigation pane, expand Configuration > Security > Control Path.
  2. Click IKE.
  3. Click the V2 SA tab.

V2 SA field descriptions

Use the data in the following table to use the IKE > V2 SA tab.

Name

Description

Id

Specifies the profile ID.

LocalIfIndex

Specifies the Interface Index of the local address. Only port and vlan interfaces are supported.

LocalAddrType

Specifies whether the local address is an IPv4 or IPv6 address.

LocalAddr

Specifies the address of the local peer.

RemoteAddrType

Specifies whether the remote address is an IPv4 or IPv6 address.

RemoteAddr

Specifies the address of the remote peer.

Name

Specifies the name given to the SA.

AuthenticationMethod

Specifies the proposed authentication method for theVersion 2 security association.

The default authentication method is pre-shared key.

DPDTimeout

Specifies the Dead Peer Detection timeout in seconds.

HashAlgorithm

Specifies the hash algorithm negotiated for this IKE Version 2 SA.

EncryptionAlgorithm

Specifies the encryption algorithm negotiated for this IKE Version 2 SA.

EncryptKeyLen

Specifies the encryption key length negotiated for this IKE Version 2 SA.

DHGroup

Specifies the Diffie-Hellman group negotiated for this IKE Version 2 SA.

ExchangeMode

Specifies the IKE Version 2 SA mode.

LifetimeSeconds

Specifies the amount of time for which an IKE Version 2 SA can remain valid during IKE Version 2 negotiation. A value of 0 means no the SA always remains valid.

Status

Specifies whether the SA is active or inactive.

Initiator

Specifies whether specifies the whether the SA is created by an initiator or a responder.

IntegrityAlgorithm

Specifies the type of integrity algorithm.