MONITOR GETIKESA
Level
vpn_read
History
Appears in 4.2.0
Global appears in 4.8.0
Description
List IPsec IKE SA
Usage
[Global=<0|1>]
Global: Filter only global or local SPD
Returns
id=<id> : IKE_SA unique id
rulename=<name> : IKE_SA rule name
src=<ip> : source IP address
srcname=<name> : source object name
dst=<ip> : destination IP address
dstname=<name> : destination object name
localid=<id> : local identifier
peerid=<id> : remote identifier
side=initiator|responder : local side
cookiei=<id> : initiator cookie
cookier=<id> : responder cookie
nat=none|local|remote|both : NAT detection
enc=<algo> : encryption algorithm
auth=<algo> : authentication algorithm
prf=<algo> : PRF algorithm
pfs=<algo> : DH group in use
state=<state> : IKE_SA state: created|connecting|established|rekeying|destroying
lifetime=<secs> : time count
maxlifetime=<secs> : delay between rekeys
ppkid=<id> : PPK identifier
Format
section_line
Example
101 begin
rulename="Site_fw_vm_2" ike=2
src=192.168.10.1 srcname=Firewall_in dst=192.168.11.1 dstname=fw_vm_2
state="established" side="responder" cookiei=0x7b5a38c03059959a cookier=0xd0763b6d58a30150
localid="lid" peerid="pid" nat="none" enc="aes/256" auth="sha256" prf="sha256" pfs="14"
lifetime=127 maxlifetime=21251