show vpn ipsec sa
Provides information about active IPsec security associations.
- peer
- Shows active IPsec security associations for the specified VPN peer. The format is the IPv4 or IPv6 address of the peer.
- tunnel
- Shows active IPsec security associations for the specified tunnel to the specified peer. The tunnel argument is an integer that uniquely identifies the tunnel to the specified peer. The numbers range from 0 through 4294967295.
Operational mode
Use this command to display information about remote VPN peers and IPsec security associations (SAs) currently in effect.
The following example shows the output of the show vpn ipsec sa command.
vyatta@rtr1:~$ show vpn ipsec sa
Peer ID / IP Local ID / IP
------------ -------------
190.160.3.2 190.160.2.1
Tunnel State Bytes Out/In Encrypt Hash DH A-Time L-Time
------ ----- ------------- ------------ -------- -- ------ ------
1 up 0.0/0.0 aes256 md5 5 6 1800The following example shows the output of the show vpn ipsec sa peer command.
vyatta@rtr1:~$ show vpn ipsec sa peer 192.168.3.3
Peer ID / IP Local ID / IP
------------ -------------
192.168.3.3 192.168.2.1
Tunnel State Bytes Out/In Encrypt Hash DH A-Time L-Time
------ ----- ------------- ------------ -------- -- ------ -----
1 up 0.0/0.0 aes256 md5 5 61 1800The following example shows the output of the show vpn ipsec sa peer tunnel command.
vyatta@rtr1:~$ show vpn ipsec sa peer 192.168.3.3 tunnel 1
Peer ID / IP Local ID / IP
------------ -------------
192.168.3.3 192.168.2.1
Tunnel State Bytes Out/In Encrypt Hash DH A-Time L-Time
------ ----- ------------- ------------ -------- -- ------ -----
1 up 0.0/0.0 aes256 md5 5 96 1800