Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

show ipsec ike inbound-connections

show ipsec ike inbound-connections—Display information about the IKE sessions that remote IKE peers  have established to the local router (on vEdge routers only).

Command Syntax

show ipsec ike inbound-connections
show ipsec ike inbound-connections
source-ip-address [source-port [destination-ip-address [destination-port ] ] ] [(ciphersuite suite | new-key-hash hash | new-spi spi | old-key-hash hash | old-spi spi) ] ] ] ]

Options

None
Display information for all the IKE sessions that have been established to the local router.
Specific IKE-Enabled IPsec Tunnel Connection
source-ip-address [source-port [destination-ip-address [destination-port ] ] ] [(ciphersuite suite | new-key-hash hash | new-spi spi | old-key-hash hash | old-spi spi) ] ] ] ]
Display information for a specific IKE-enabled IPsec tunnel.

Output Fields

The output fields are self-explanatory.

Example Output

On the vEdge1 router, the output of the show ipsec ike inbound-connections command shows the IKE-enabled IPsec tunnel connection that originates on the vEdge2 router, whose tunnel source IP address is 10.1.16.16. The command output on the vEdge2 router shows the connection from vEdge1, whose tunnel source IP address is 10.1.15.15.

vEdge1# show running-config vpn 1 interface ipsec1
vpn 1
 interface ipsec1
  ip address 10.1.1.1/30
  tunnel-source      10.1.15.15
  tunnel-destination 10.1.16.16
  ike
   version      2
   rekey        14400
   cipher-suite aes256-cbc-sha1
   group        16
   authentication-type
    pre-shared-key
     pre-shared-secret $8$jr37xShEUPZF2zuiZFpTqqBHSlCHVX1XLut1o62mh7c=
    !
   !
  !
  ipsec
   rekey         14400
   replay-window 32
   cipher-suite  aes256-cbc-sha1
  !
  no shutdown
 !
!

vEdge2# show running-config vpn 1 interface ipsec1
vpn 1
 interface ipsec1
  ip address 10.1.1.2/30
  tunnel-source      10.1.16.16
  tunnel-destination 10.1.15.15
  ike
   version      2
   rekey        14400
   cipher-suite aes256-cbc-sha1
   group        16
   authentication-type
    pre-shared-key
     pre-shared-secret $8$/O+yus2zpknCbyK5YUfZMQehghSsXCXzfRpc9bj6YsY=
    !
   !
  !
  ipsec
   rekey         14400
   replay-window 32
   cipher-suite  aes256-cbc-sha1
  !
  no shutdown
 !
!

vEdge1# show ipsec ike inbound-connections

SOURCE                                  SOURCE  DEST                                    DEST    NEW     OLD     CIPHER           NEW       OLD       
IP                                      PORT    IP                                      PORT    SPI     SPI     SUITE            KEY HASH  KEY HASH  
-----------------------------------------------------------------------------------------------------------------------------------------------------
10.1.16.16                              4500    10.1.15.15                              4500    257     256     aes256-cbc-sha1  ****01be  ****a0df  

vEdge2# show ipsec ike inbound-connections

SOURCE                                  SOURCE  DEST                                    DEST    NEW     OLD     CIPHER           NEW       OLD       
IP                                      PORT    IP                                      PORT    SPI     SPI     SUITE            KEY HASH  KEY HASH  
-----------------------------------------------------------------------------------------------------------------------------------------------------
10.1.15.15                              4500    10.1.16.16                              4500    257     256     aes256-cbc-sha1  ****4485  ****48e3  

Release Information

Command introduced in Viptela Software Release 17.2.

  • Was this article helpful?