Dell Command Line Reference Guide for the S4048–ON System 9.14.2.5

PDF

show crypto ipsec policy

Display the configuration of IPsec authentication and encryption policies.

Syntax
show crypto ipsec policy [name name]
Parameters
name name
(OPTIONAL) Displays configuration details about a specified policy.
Defaults
No default behavior or values.
Command Modes

EXEC

EXEC Privilege

Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC Networking OS Command Line Reference Guide.

Version
Description
9.10(0.1)
Introduced on the S6010-ON and S4048T-ON.
9.10(0.0)
Introduced on the S3148.
9.10(0.0)
Introduced on the S6100-ON.
9.8(2.0)
Introduced on the S3100 series.
9.8(1.0)
Introduced on the Z9100-ON.
9.8(0.0P5)
Introduced on the S4048-ON.
9.8(0.0P2)
Introduced on the S3048-ON.
9.2(1.0)
Introduced on the Z9500.
9.1.(0.0)
Introduced on the S4810 and Z9000.
8.4.2.0
Introduced on the E-Series.
8.3.19.0
Introduced on the S4820T.
Usage Information

The show crypto ipsec policy command output displays the AH and ESP parameters configured in IPsec security policies, including the SPI number, keys, and algorithms used.

When configured in a helper-reject role, an OSPFv3 router ignores the Grace LSAs that it receives from a restarting OSPFv3 neighbor.

Related Commands

show crypto ipsec sa ipv6– displays the IPsec security associations used on OSPFv3 interfaces.

Example
DellEMC# show crypto ipsec policy

Crypto IPSec client security policy data

Policy name : OSPFv3-1-502
Policy refcount : 1
Inbound ESP SPI : 502 (0x1F6)
Outbound ESP SPI : 502 (0x1F6)
Inbound ESP Auth Key : 123456789a123456789b123456789c12
Outbound ESP Auth Key : 123456789a123456789b123456789c12
Inbound ESP Cipher Key :
123456789a123456789b123456789c123456789d12345678
Outbound ESP Cipher Key :
123456789a123456789b123456789c123456789d12345678
Transform set : esp-3des esp-md5-hmac

Crypto IPSec client security policy data

Policy name : OSPFv3-0-501
Policy refcount : 1
Inbound ESP SPI : 501 (0x1F5)
Outbound ESP SPI : 501 (0x1F5)
Inbound ESP Auth Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba8ed8bb5efe91e97eb7c0
c30808825fb5
Outbound ESP Auth Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba8ed8bb5efe91e97eb7c0
c30808825fb5
Inbound ESP Cipher Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba10345a1039ba8f8a
Outbound ESP Cipher Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba10345a1039ba8f8a
Transform set : esp-128-aes esp-sha1-hmac

show crypto ipsec policy Command Fields

Field
Description
Policy name
Displays the name of an IPsec policy.
Policy refcount
Number of interfaces on the router that use the policy.
Inbound ESP SPI and Outbound ESP SPI
The encapsulating security payload (ESP) security policy index (SPI) for inbound and outbound links.
Inbound ESP Auth Key and Outbound Auth Key
The ESP authentication key for inbound and outbound links.
Inbound ESP Cipher Key and Outbound ESP Cipher Key
The ESP encryption key for inbound and outbound links.
Transform set
The set of security protocols and algorithms used in the policy.
Inbound AH SPI and Outbound AH SPI
The authentication header (AH) security policy index (SPI) for inbound and outbound links.
Inbound AH Key and Outbound AH Key
The AH key for inbound and outbound links.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\