show crypto ipsec

Syntax

show crypto ipsec {sa | summary} [aruba-vpn | ospfv3] 
 [spi <SPI> | ip-address <IP-ADDR>]

Description

Show IPsec SA statistics or summarized information.

Parameters

sa

Shows IPsec SA statistics.

summary

Shows summarized IPsec information.

Options

aruba-vpn

Displays aruba-vpn related IPsec SA statistics.

ospfv3

Displays OSPFv3 related IPsec SA statistics

spi <SPI>

Displays IPaec SA statistics that match the given SPI.

ip-address <IP-ADDR>

Displays IPsec SA statistics that match the given IP address.

Examples

Switch(config)# show crypto ipsec summary

 Crypto IPSec Summary:

 SA  VLAN-Intfc SPI        Local IP
 --- ---------- ---------- ----------------------------------------
 Remote IP                                Proto Appln      Direction
 ---------------------------------------- ----- ---------- ---------
 0   vlan-2     200000     ::
 ff02::5                                  AH    OSPFv3     Outbound
 1   vlan-2     200000     fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 2   vlan-12    100000     ::
 ff02::5                                  AH    OSPFv3     Outbound
 3   vlan-12    100000     fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 4   vlan-22    122000     ::
 ff02::5                                  AH    OSPFv3     Outbound
 5   vlan-22    122000     fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 6   vlan-201   100000     ::
 ::                                       AH    OSPFv3     Outbound
 7   vlan-201   100000     fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 8   vlan-202   100000     ::
 ::                                       AH    OSPFv3     Outbound
 9   vlan-202   100000     fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 10  vlan-204   402        ::
 ff02::5                                  AH    OSPFv3     Outbound
 11  vlan-204   402        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 12  vlan-205   403        ::
 ff02::5                                  AH    OSPFv3     Outbound
 13  vlan-205   403        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 14  vlan-206   404        ::
 ff02::5                                  AH    OSPFv3     Outbound
 15  vlan-206   404        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 16  vlan-207   405        ::
 ff02::5                                  AH    OSPFv3     Outbound
 17  vlan-207   405        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 18  vlan-208   406        ::
 ff02::5                                  AH    OSPFv3     Outbound
 19  vlan-208   406        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 20  vlan-209   408        ::
 ff02::5                                  AH    OSPFv3     Outbound
 21  vlan-209   408        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 22  vlan-210   409        ::
 ff02::5                                  AH    OSPFv3     Outbound
 23  vlan-210   409        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 24  vlan-211   410        ::
 ff02::5                                  AH    OSPFv3     Outbound
 25  vlan-211   410        fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 26  vlan-212   10000      ::
 ff02::5                                  AH    OSPFv3     Outbound
 27  vlan-212   10000      fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 28  vlan-213   10001      ::
 ff02::5                                  AH    OSPFv3     Outbound
 29  vlan-213   10001      fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 30  vlan-214   10002      ::
 ff02::5                                  AH    OSPFv3     Outbound
 31  vlan-214   10002      fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 32  vlan-215   44444445   ::
 ff02::5                                  AH    OSPFv3     Outbound
 33  vlan-215   44444445   fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH    OSPFv3     Inbound
 34  tunnel-1   12345      ::
 ff02::5                                  AH    OSPFv3     Outbound
 35  tunnel-1   12345      fe80::42a8:f0ff:fe9e:900
 ff02::5                                  AH               Inbound                                  
Switch(config)# show crypto ipsec sa

  Crypto IPSec Status

  VLAN Interface         : vlan-2
  SA-ID                  : 0
  Source Address         : ::
  Destination Address    : ff02::5
  Source Port            : 0              Destination Port   : 0
  SPI                    : 200000
  Encapsulation Protocol : AH
  Encryption             : NONE           Hash               : SHA1
  PFS                    : 0              PFS Group          : 0
  Mode                   : Transport
  Key Life               : 0              Remaining Key Life : 0
  Key Size               : 0              Remaining Key Size : 0
  Application            : OSPFv3

  VLAN Interface         : vlan-2
  SA-ID                  : 1
  Source Address         : fe80::42a8:f0ff:fe9e:900
  Destination Address    : ff02::5
  Source Port            : 0              Destination Port   : 0
  SPI                    : 200000
  Encapsulation Protocol : AH
  Encryption             : NONE           Hash               : SHA1
  PFS                    : 0              PFS Group          : 0
  Mode                   : Transport
  Key Life               : 0              Remaining Key Life : 0
  Key Size               : 0              Remaining Key Size : 0
  Application            : OSPFv3

  VLAN Interface         : vlan-12
  SA-ID                  : 2
  Source Address         : ::
  Destination Address    : ff02::5
  Source Port            : 0              Destination Port   : 0
  SPI                    : 100000
  Encapsulation Protocol : AH
  Encryption             : NONE           Hash               : MD5
  PFS                    : 0              PFS Group          : 0
  Mode                   : Transport
  Key Life               : 0              Remaining Key Life : 0
  Key Size               : 0              Remaining Key Size : 0
  Application            : OSPFv3

  VLAN Interface         : vlan-12
  SA-ID                  : 3
  Source Address         : fe80::42a8:f0ff:fe9e:900
  Destination Address    : ff02::5
  Source Port            : 0              Destination Port   : 0
  SPI                    : 100000
  Encapsulation Protocol : AH
  Encryption             : NONE           Hash               : MD5
  PFS                    : 0              PFS Group          : 0
  Mode                   : Transport
  Key Life               : 0              Remaining Key Life : 0
  Key Size               : 0              Remaining Key Size : 0
  Application            : OSPFv3