Displaying and maintaining IPsec

Task

Command

Remarks

Display IPsec policy information.

display ipsec policy [ brief | name policy-name [ seq-number ] ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec transform set information.

display ipsec transform-set [ transform-set-name ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec SA information.

display ipsec sa [ brief | policy policy-name [ seq-number ] | remote ip-address ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec session information.

display ipsec session [ tunnel-id integer ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

This command is supported only in FIPS mode.

Display IPsec packet statistics.

display ipsec statistics [ tunnel-id integer ] [ | { begin | exclude | include } regular-expression ]

Available in any view.

Display IPsec tunnel information.

display ipsec tunnel [ | { begin | exclude | include } regular-expression ]

Available in any view.

Clear SAs.

reset ipsec sa [ parameters dest-address protocol spi | policy policy-name [ seq-number ] | remote ip-address ]

Available in user view.

Clear IPsec sessions.

reset ipsec session [ tunnel-id integer ]

Available in user view.

This command is supported only in FIPS mode.

Clear IPsec statistics.

reset ipsec statistics

Available in user view.