Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


show security ipsec tunnel-events-statistics



Show tunnel event statistics.

Required Privilege Level


Sample Output

show security ipsec tunnel-events statistics

Release Information

Command introduced in Junos OS Release 12.3X48-D10.

Starting with Junos OS Release 15.1X49-D120, you can configure the CLI option reject-duplicate-connection at the [edit security ike gateway gateway-name dynamic] hierarchy level to retain an existing tunnel session and reject negotiation requests for a new tunnel with the same IKE ID. By default, an existing tunnel is tear down when a new tunnel with the same IKE ID is established. The reject-duplicate-connection option is only supported when ike-user-type group-ike-id or ike-user-type shared-ike-id is configured for the IKE gateway; the aaa access-profile profile-name configuration is not supported with this option.

Use the CLI option reject-duplicate-connection only when you are certain that reestablishment of a new tunnel with the same IKE ID should be rejected.