Vyatta Network OS Documentation

show vpn ipsec sa

Provides information about active IPsec security associations.

show vpn ipsec sa [ peer peer [ tunnel tunnel ] ]
peer
Shows active IPsec security associations for the specified VPN peer. The format is the IPv4 or IPv6 address of the peer.
tunnel
Shows active IPsec security associations for the specified tunnel to the specified peer. The tunnel argument is an integer that uniquely identifies the tunnel to the specified peer. The numbers range from 0 through 4294967295.

Operational mode

Use this command to display information about remote VPN peers and IPsec security associations (SAs) currently in effect.

The following example shows the output of the show vpn ipsec sa command.

vyatta@rtr1:~$ show vpn ipsec sa
Peer ID / IP                            Local ID / IP
------------                            -------------
190.160.3.2                             190.160.2.1

    Tunnel  State  Bytes Out/In   Encrypt       Hash      DH A-Time  L-Time
    ------  -----  -------------  ------------  --------  -- ------  ------
    1       up     0.0/0.0        aes256        md5       5  6       1800

The following example shows the output of the show vpn ipsec sa peer command.

vyatta@rtr1:~$ show vpn ipsec sa peer 192.168.3.3 
Peer ID / IP                            Local ID / IP
------------                            -------------
192.168.3.3                             192.168.2.1                            

    Tunnel  State  Bytes Out/In     Encrypt       Hash    DH   A-Time  L-Time  
    ------  -----  -------------  ------------  --------  --   ------  -----
    1       up     0.0/0.0        aes256        md5       5    61      1800

The following example shows the output of the show vpn ipsec sa peer tunnel command.

vyatta@rtr1:~$ show vpn ipsec sa peer 192.168.3.3 tunnel 1
Peer ID / IP                            Local ID / IP
------------                            -------------
192.168.3.3                             192.168.2.1                            

    Tunnel  State  Bytes Out/In     Encrypt       Hash    DH  A-Time  L-Time 
    ------  -----  -------------  ------------  --------  --  ------  -----
    1       up     0.0/0.0        aes256        md5       5   96      1800
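
The following is an added example, not part of the Vyatta documentation: a Python parser for output in the format shown above that flags SAs that are not up or that negotiate md5 or a DH group below 2048 bits, as in the examples on this page. The sample text is constructed; the weak-algorithm sets and the assumption that fields are whitespace-separated with no embedded spaces are this example's own.

```python
# Constructed sample in the format of the command output shown above.
SAMPLE = """\
Peer ID / IP                            Local ID / IP
------------                            -------------
192.168.3.3                             192.168.2.1

    Tunnel  State  Bytes Out/In   Encrypt       Hash      DH A-Time  L-Time
    ------  -----  -------------  ------------  --------  -- ------  ------
    1       up     0.0/0.0        aes256        md5       5  61      1800
    2       up     1.2K/3.4K      aes256        sha1      14 12      3600
"""

FIELDS = ("tunnel", "state", "bytes", "encrypt", "hash", "dh", "atime", "ltime")
WEAK_HASH = {"md5"}        # assumption: local policy; HMAC-MD5 is deprecated for IPsec
WEAK_DH = {"1", "2", "5"}  # assumption: local policy; MODP groups below 2048 bits

def parse_sa(text):
    """Return one dict per tunnel row, tagged with its peer and local ID."""
    rows, peer, local, expect_ids = [], None, None, False
    for line in text.splitlines():
        cols = line.split()
        if not cols:
            continue
        if line.startswith("Peer ID"):
            expect_ids = True                  # the ID pair follows the dashed rule
        elif set(line.strip()) <= {"-", " "}:
            continue                           # dashed rule under a header row
        elif expect_ids and len(cols) == 2:
            peer, local, expect_ids = cols[0], cols[1], False
        elif len(cols) == len(FIELDS) and cols[0].isdigit():
            rows.append(dict(zip(FIELDS, cols), peer=peer, local=local))
    return rows

def audit(rows):
    """Return (peer, tunnel, finding) tuples for SAs that need attention."""
    findings = []
    for r in rows:
        if r["state"] != "up":
            findings.append((r["peer"], r["tunnel"], "state " + r["state"]))
        if r["hash"] in WEAK_HASH:
            findings.append((r["peer"], r["tunnel"], "weak hash " + r["hash"]))
        if r["dh"] in WEAK_DH:
            findings.append((r["peer"], r["tunnel"], "weak DH group " + r["dh"]))
    return findings

if __name__ == "__main__":
    for peer, tunnel, finding in audit(parse_sa(SAMPLE)):
        print(f"{peer} tunnel {tunnel}: {finding}")
```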