Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Monitoring Secure Policy Lists

    Purpose

    Display information about only secure policy lists. This command and the output are visible only to authorized users—the mirror-enable command must be enabled before using this command. Use the name keyword to display information for a specific secure policy list.

    Action

    To display information about secure policy lists:

    host1#show secure policy-list
    
                                      Policy Table
                                      ------ -----
    Secure IP Policy secureIpPolicy
       Administrative state: enable
       Reference count:      2
       Classifier control list: secClassA
          mirror analyzer-ip-address 192.168.1.1 analyzer-virtual-router default analyzer-udp-port 3000 mirror-id 6789 session-id 6543
       Referenced by interface(s): 
          ATM5/0.1  secure-input policy, statistics disabled, virtual-router default
          ATM5/0.1  secure-output policy, statistics disabled, virtual-router default
    Secure IPv6 Policy secure-ipv6-pol3
       Administrative state: enable
       Reference count:      2
       Classifier control list: *
          Mirror analyzer-ip-address 190.168.1.1 analyzer-virtual-router default analyzer-udp-port 3000 mirror-id 6789 session-id 6543
    
       Referenced by interface(s):
          GigabitEthernet1/0/2.1.2  secure-input policy, statistics disabled, virtual-router default
          GigabitEthernet1/0/2.1.2  secure-output policy, statistics disabled, virtual-router default
    
       Referenced by merged policies:
          None
    
    L2TP Secure Policy secureL2tpPolicy
       Administrative state: enable
       Reference count:      2
       Classifier control list: *
          mirror analyzer-ip-address 192.168.2.1 analyzer-virtual-router default analyzer-udp-port 3000 mirror-id 6789 session-id 6543 (unreachable)
       Referenced by interface(s): 
          TUNNEL l2tp:1/msn.pwh.com/1  secure-input policy, statistics disabled
          TUNNEL l2tp:1/msn.pwh.com/1  secure-output policy, statistics disabled

     

    Meaning

    Table 1 lists show secure policy-list command output fields.

    Table 1: show secure policy-list Output Fields

    Field Name

    Field Description

    Policy

    Type (IP, IPv6, or L2TP) and name of the policy list

    Administrative state

    Status of administrative state, enable or disable; set to enable when the policy list is created

    Reference count

    Number of attachments to interfaces or profiles

    Classifier control list

    Name of the classifier control list

    Mirror analyzer-ip-address

    IP address of analyzer device

    Analyzer-virtual-router

    Analyzer interface virtual router

    Analyzer-udp-port

    UDP port used to communicate with analyzer device

    Mirror-id

    Unique identifier of the mirrored session

    Session-id

    Unique identifier of the user session

    Referenced by interface(s)

    List of interfaces to which the policy is attached; indicates whether the attachment is at secure input or secure output of interface

    Referenced by profile(s)

    Not currently supported: always null

    Statistics

    Not currently supported: always disabled

    Published: 2014-08-14