Show vpn ike sa

From VyOS Wiki
Jump to: navigation, search
Warning sign.png This page is migrated to Readthedocs .
Information found on this page is migrated to readthedocs and information found here could be outdated or misleading. https://vyos.readthedocs.io/en/latest/vpn/site2site_ipsec.html

Operation mode

This command displays information on all VPN IKE Security Associations that are configured. It's output looks like:


vyos@vyos:~$ show vpn ike sa
Peer ID / IP                            Local ID / IP
------------                            -------------
192.168.2.1                             192.168.3.21

    Description: EdgeOS Router

    State  IKEVer  Encrypt  Hash    D-H Group      NAT-T  A-Time  L-Time
    -----  ------  -------  ----    ---------      -----  ------  ------
    up     IKEv2   aes128   sha1_96 2(MODP_1024)   no     10800   28800


Peer ID / IP                            Local ID / IP
------------                            -------------
192.168.2.2                             0.0.0.0

    State  IKEVer  Encrypt  Hash    D-H Group      NAT-T  A-Time  L-Time
    -----  ------  -------  ----    ---------      -----  ------  ------
    down   IKEv1   n/a      n/a     n/a(n/a)       no     0       n/a


Operational commands under `show vpn ike `

<ENTER> Execute the current Command
nat-traversal Show all currently active IKE Security Associations (SA) that are using NAT Traversal
peer Show all the currently active IKE Security Associations (SA) for a peer

Command tree