Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Monitoring the IPsec Transport Connections Information

    Purpose

    Display information about transport connections.

    Action

    To display information about transport connections:

    host1:vr11#show ipsec transport interface
    IPSEC transport interface 5 is Up
    IPSEC transport interface 6 is Up
    2 Ipsec transport interfaces found

    To display information about a particular transport connection:

    host1:vr11#show ipsec transport interface 5
    IPSEC transport interface 5 is Up

    To display detailed information about a transport connection:

    host1:vr11#show ipsec transport interface detail 5
    IPSEC transport interface 5 is Up
      Configuration
        Virtual router vr00
        Application gre
        No pfs group
        Mtu is 1440
        Local address is 10.255.0.61
        Remote address is 10.255.0.62
        Local identity is subnet 10.255.0.61 255.255.255.255, proto 47, port 0
        Remote identity is subnet 10.255.0.62 255.255.255.255, proto 47, port 0
        Inbound spi 0x15c30204
        Inbound transform transport-esp-3des-sha1
        Inbound lifetime 900 seconds 102400 kilobytes
        Outbound spi is 0x16a10205
        Outbound transform transport-esp-3des-sha1
        Outbound lifetime 900 seconds 102400 kilobytes
      Statistics
        InUserPackets           5
        InUserOctets            270
        InAccPackets            5
        InAccOctets             440
        InAuthErrors            0
        InReplayErrors          0
        InPolicyErrors          0
        InOtherRxErrors         0
        InDecryptErrors         0
        InPadErrors             0
        OutUserPackets          5
        OutUserOctets           270
        OutAccPackets           5
        OutAccOctets            440
        OutPolicyErrors         0
        OutOtherTxErrors        0

    Meaning

    Table 1 lists the output fields for the show ipsec transport interface command.

    Table 1: show ipsec transport interface Output Fields

    Field Name

    Field Description

    IPsec transport interface

    Number and status of the IPsec transport connection

    Configuration

    Configuration information about the IPsec transport connection:

    • Virtual router—Virtual router on which this profile is configured
    • Application—Type of application the connection can protect
    • pfs group—PFS group being used for the connection
    • Mtu—Tunnel's MTU size
    • Local address—Local endpoint address
    • Remote address—Remote endpoint address
    • Local identity—Subnet, protocol, and port of the local endpoint
    • Remote identity—Subnet, protocol, and port of the remote endpoint
    • Inbound spi—Inbound security parameter index
    • Inbound transform—Inbound algorithm
    • Inbound lifetime—Inbound configured lifetime in seconds and kilobytes
    • Outbound spi—Outbound security parameter index
    • Outbound transform—Outbound algorithm
    • Outbound lifetime—Outbound configured lifetime in seconds and kilobytes

    Statistics

    Statistics about the IPsec transport connection:

    • InUserPackets—Number of user packets received
    • InUserOctets—Number of octets received from user packets
    • InAccPackets—Number of encapsulated packets received
    • InAccOctets—Number of octets received in encapsulated packets
    • InAuthErrors—Number of authentication errors received
    • InReplyErrors—Number of reply errors in received traffic
    • InPolicyErrors—Number of policy errors in received traffic
    • InOtherRxErrors—Number of packets received that have errors other than the following errors:
      • InAuthErrors
      • InReplyErrors
      • InPolicyErrors
      • InDecryptErrors
      • InPadErrors
    • InDecryptErrors—Number of decryption errors in received traffic
    • InPadErrors—Number of packets received that had invalid values after the packet was decrypted
    • OutUserPackets—Number of user packets sent
    • OutUserOctets—Number of octets sent in user packets
    • OutAccPackets—Number of encapsulated packets sent
    • OutAccOctets—Number of octets sent in encapsulated packets
    • OutPolicyErrors—Number of packets arriving at the transport connection for encapsulation that do not meet the specified identifier (selector)
    • OutOtherTxErrors—Number of outbound packets that have errors other than the OutPolicyErrors

    Published: 2014-08-12