Displaying and maintaining IPsec

To do…

Use the command…

Remarks

Display IPsec policy information

display ipsec policy [ brief | name policy-name [ seq-number ] ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec proposal information

display ipsec proposal [ proposal-name ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec SA information

display ipsec sa [ brief | policy policy-name [ seq-number ] | remote ip-address ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec session information

display ipsec session [ tunnel-id integer ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

This command is supported only in FIPS mode.

Display IPsec packet statistics

display ipsec statistics [ tunnel-id integer ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec tunnel information

display ipsec tunnel [ | { begin | exclude | include } regular-expression ]

Available in any view.

Clear SAs

reset ipsec sa [ parameters dest-address protocol spi | policy policy-name [ seq-number ] | remote ip-address ]

Available in user view.

Clear IPsec sessions

reset ipsec session [ tunnel-id integer ]

Available in user view.

This command is supported only in FIPS mode.

Clear IPsec statistics

reset ipsec statistics

Available in user view.