Technical Documentation
New
Monitoring Secure Policy Lists
Purpose
Display information about only secure policy lists. This command and the output are visible only to authorized users—the mirror-enable command must be enabled before using this command. Use the name keyword to display information for a specific secure policy list.
Action
To display information about secure policy lists:
host1#show secure policy-list
Policy Table
------ -----
Secure IP Policy secureIpPolicy
Administrative state: enable
Reference count: 2
Classifier control list: secClassA
mirror analyzer-ip-address 192.168.1.1 analyzer-virtual-router default analyzer-udp-port 3000 mirror-id 6789 session-id 6543 Referenced by interface(s):
ATM5/0.1 secure-input policy, statistics disabled, virtual-router default
ATM5/0.1 secure-output policy, statistics disabled, virtual-router default
Secure IPv6 Policy secure-ipv6-pol3
Administrative state: enable
Reference count: 2
Classifier control list: *
Mirror analyzer-ip-address 190.168.1.1 analyzer-virtual-router default analyzer-udp-port 3000 mirror-id 6789 session-id 6543
Referenced by interface(s):
GigabitEthernet1/0/2.1.2 secure-input policy, statistics disabled, virtual-router default
GigabitEthernet1/0/2.1.2 secure-output policy, statistics disabled, virtual-router default
Referenced by merged policies:
None
L2TP Secure Policy secureL2tpPolicy
Administrative state: enable
Reference count: 2
Classifier control list: *
mirror analyzer-ip-address 192.168.2.1 analyzer-virtual-router default analyzer-udp-port 3000 mirror-id 6789 session-id 6543 (unreachable) Referenced by interface(s):
TUNNEL l2tp:1/msn.pwh.com/1 secure-input policy, statistics disabled
TUNNEL l2tp:1/msn.pwh.com/1 secure-output policy, statistics disabled
Meaning
Table 1 lists show secure policy-list command output fields.
Table 1: show secure policy-list Output Fields
Field Name | Field Description |
|---|---|
Policy | Type (IP, IPv6, or L2TP) and name of the policy list |
Administrative state | Status of administrative state, enable or disable; set to enable when the policy list is created |
Reference count | Number of attachments to interfaces or profiles |
Classifier control list | Name of the classifier control list |
Mirror analyzer-ip-address | IP address of analyzer device |
Analyzer-virtual-router | Analyzer interface virtual router |
Analyzer-udp-port | UDP port used to communicate with analyzer device |
Mirror-id | Unique identifier of the mirrored session |
Session-id | Unique identifier of the user session |
Referenced by interface(s) | List of interfaces to which the policy is attached; indicates whether the attachment is at secure input or secure output of interface |
Referenced by profile(s) | Not currently supported: always null |
Statistics | Not currently supported: always disabled |
