MONITOR GETSPD

Level

vpn_read

History

Appears in Netasq 6.1.0
FORMAT Appears in Netasq 9.0.0
Behavior changed in 4.2.0
Global and List appear in 4.8.0

Description

List IPsec SPD policy

Usage

[Global=<0|1>] [List=<full|light>]
Global: Filter only global or local SPD
List : Display all the informations (full) or only a subset (light)

Returns

rulename=<name> : CHILD_SA rule name
ikerulename=<name> : IKE_SA rule name
src=<ip> : source IP address
srcname=<name> : Optionnal source object name
srcmask=<masklen> : the value of src mask len in bits
srcport=<port> : Optionnal source port
dst=<ip> : destination IP address
dstname=<name> : Optionnal destination object name
dstmask=<masklen> : the value of dst mask len in bits
dstport=<port> : Optionnal destination port
localid=<id> : local identifier
peerid=<id> : remote identifier
proto=<protocol> : Optionnal protocol name
srcgw=<ip> : source Gateway IP
srcgwname=<name> : Optionnal source Gateway name
dstgw=<ip> : destination Gateway IP
dstgwname=<name> : Optionnal destination Gateway name
ike=<version> : IKE version
enc=esp|ah|ipcomp : encapsulation mode
policy=<policy> : IPSec mode: tunnel|pass|drop
maxlifetime=<secs> : max time count
ppk=<0|1> : Was PPK used or not

Format

section_line

Example

101 begin
rulename="Site_fw_vm_2" src=192.168.74.4 srcmask=32 srcname=vm_base
dst=0.0.0.0 dstmask=0 dstname=any srcgw=192.168.10.1 srcgwname=Firewall_in
dstgw=192.168.11.1 dstgwname=fw_vm_2 localid="lid" peerid="pid"
ike=2 enc="esp" policy="tunnel" maxlifetime=2880