show ipsec ike outbound-connections
show ipsec ike outbound-connections—Display information about the IKE sessions that the local router has established to remote IKE peers (on vEdge routers only).
Command Syntax
show ipsec ike outbound-connections
show ipsec ike outbound-connections source-ip-address [source-port [destination-ip-address [destination-port ] [spi ] ] ] [(ciphersuite suite | key-hash hash | tunnel-mtu mtu) ] ] ] ]
Options
- None
- Display information for all the IKE sessions that have been established to remote IKE peers.
- Specific IKE-Enabled IPsec Tunnel Connection
- source-ip-address [source-port [destination-ip-address [destination-port ] [spi ] ] ] [(ciphersuite suite | key-hash hash | tunnel-mtu mtu) ] ] ] ]
Display information for a specific IKE-enabled IPsec tunnel.
Output Fields
The output fields are self-explanatory.
Example Output
On the vEdge1 router, the output of the show ipsec ike outbound-connections command shows the IKE-enabled IPsec tunnel connection that originates from the local router, whose tunnel source IP address is 10.1.15.15. The command output on the vEdge2 router shows the connection originating from that router, 10.1.15.15.
vEdge1# show running-config vpn 1 interface ipsec1 vpn 1 interface ipsec1 ip address 10.1.1.1/30 tunnel-source 10.1.15.15 tunnel-destination 10.1.16.16 ike version 2 rekey 14400 cipher-suite aes256-cbc-sha1 group 16 authentication-type pre-shared-key pre-shared-secret $8$jr37xShEUPZF2zuiZFpTqqBHSlCHVX1XLut1o62mh7c= ! ! ! ipsec rekey 14400 replay-window 32 cipher-suite aes256-cbc-sha1 ! no shutdown ! ! vEdge2# show running-config vpn 1 interface ipsec1 vpn 1 interface ipsec1 ip address 10.1.1.2/30 tunnel-source 10.1.16.16 tunnel-destination 10.1.15.15 ike version 2 rekey 14400 cipher-suite aes256-cbc-sha1 group 16 authentication-type pre-shared-key pre-shared-secret $8$/O+yus2zpknCbyK5YUfZMQehghSsXCXzfRpc9bj6YsY= ! ! ! ipsec rekey 14400 replay-window 32 cipher-suite aes256-cbc-sha1 ! no shutdown ! ! vEdge1# show ipsec ike outbound-connections SOURCE SOURCE DEST DEST CIPHER IP PORT IP PORT SPI SUITE KEY HASH TUNNEL MTU ----------------------------------------------------------------------------------------------------------------------------------------------- 10.1.15.15 4500 10.1.16.16 4500 257 aes256-cbc-sha1 ****55b5 1418 vEdge2# show ipsec ike outbound-connections SOURCE SOURCE DEST DEST CIPHER IP PORT IP PORT SPI SUITE KEY HASH TUNNEL MTU ----------------------------------------------------------------------------------------------------------------------------------------------- 10.1.16.16 4500 10.1.15.15 4500 257 aes256-cbc-sha1 ****cf49 1418
Release Information
Command introduced in Viptela Software Release 17.2.
Additional Information
See the Configuring IKE-Enabled IPsec Tunnels article for your software release.
show ipsec ike inbound-connections
show ipsec ike sessions