show ipsec ike outbound-connections
show ipsec ike outbound-connections—Display information about the IKE sessions that the local router has established to remote IKE peers (on vEdge routers only).
Command Syntax
show ipsec ike outbound-connections
show ipsec ike outbound-connections source-ip-address [source-port [destination-ip-address [destination-port ] [spi ] ] ] [(ciphersuite suite | key-hash hash | tunnel-mtu mtu) ] ] ] ]
Options
- None
- Display information for all the IKE sessions that have been established to remote IKE peers.
- Specific IKE-Enabled IPsec Tunnel Connection
- source-ip-address [source-port [destination-ip-address [destination-port ] [spi ] ] ] [(ciphersuite suite | key-hash hash | tunnel-mtu mtu) ] ] ] ]
Display information for a specific IKE-enabled IPsec tunnel.
Output Fields
The output fields are self-explanatory.
Example Output
On the vEdge1 router, the output of the show ipsec ike outbound-connections command shows the IKE-enabled IPsec tunnel connection that originates from the local router, whose tunnel source IP address is 10.1.15.15. The command output on the vEdge2 router shows the connection originating from that router, 10.1.15.15.
vEdge1# show running-config vpn 1 interface ipsec1
vpn 1
interface ipsec1
ip address 10.1.1.1/30
tunnel-source 10.1.15.15
tunnel-destination 10.1.16.16
ike
version 2
rekey 14400
cipher-suite aes256-cbc-sha1
group 16
authentication-type
pre-shared-key
pre-shared-secret $8$jr37xShEUPZF2zuiZFpTqqBHSlCHVX1XLut1o62mh7c=
!
!
!
ipsec
rekey 14400
replay-window 32
cipher-suite aes256-cbc-sha1
!
no shutdown
!
!
vEdge2# show running-config vpn 1 interface ipsec1
vpn 1
interface ipsec1
ip address 10.1.1.2/30
tunnel-source 10.1.16.16
tunnel-destination 10.1.15.15
ike
version 2
rekey 14400
cipher-suite aes256-cbc-sha1
group 16
authentication-type
pre-shared-key
pre-shared-secret $8$/O+yus2zpknCbyK5YUfZMQehghSsXCXzfRpc9bj6YsY=
!
!
!
ipsec
rekey 14400
replay-window 32
cipher-suite aes256-cbc-sha1
!
no shutdown
!
!
vEdge1# show ipsec ike outbound-connections
SOURCE SOURCE DEST DEST CIPHER
IP PORT IP PORT SPI SUITE KEY HASH TUNNEL MTU
-----------------------------------------------------------------------------------------------------------------------------------------------
10.1.15.15 4500 10.1.16.16 4500 257 aes256-cbc-sha1 ****55b5 1418
vEdge2# show ipsec ike outbound-connections
SOURCE SOURCE DEST DEST CIPHER
IP PORT IP PORT SPI SUITE KEY HASH TUNNEL MTU
-----------------------------------------------------------------------------------------------------------------------------------------------
10.1.16.16 4500 10.1.15.15 4500 257 aes256-cbc-sha1 ****cf49 1418
Release Information
Command introduced in Viptela Software Release 17.2.
Additional Information
See the Configuring IKE-Enabled IPsec Tunnels article for your software release.
clear ipsec ike sessions
show ipsec ike inbound-connections
show ipsec ike sessions