Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

show vpn ike sa

Provides information about all currently active IKE (ISAKMP) security associations.

show vpn ike sa [ nat-traversal | peer peer ]
nat-traversal
Displays all the IKE SAs that are using RFC 3947 NAT Traversal.
peer
Shows IKE SA information for the specified VPN peer. The format is the IPv4 or IPv6 address of the peer.

There will be at most one IKE SA per peer (except possibly during re-key negotiation).

Operational mode

Use this command to display information about IKE security associations (SAs).

The following example shows the output of the show vpn ike sa command.

vyatta@rtr1:~$ show vpn ike sa
Peer ID / IP                            Local ID / IP
------------                            -------------
192.0.3.33                              192.0.3.1                              

    State    Encrypt       Hash    D-H Grp  A-Time  L-Time IKEv
    -----  ------------  --------  -------  ------  ------ ----
    up     aes256        sha1      14       0       86400   2 
vyatta@rtr1:~$