Table of Contents
Advertisement
For more information about using event logs, see the JUNOSe System Event Logging
Reference Guide.
show Commands
To display user information for dynamic IPSec tunnel profiles or subscribers, use the
following show commands.
show ipsec tunnel profile
ipsecXcfgSM IPsec Xauth/ModeCfg state machine
ipsecP1Throttler Ongoing Phase 1 negotiations
Use to display information about all existing IPSec tunnel profiles or a specified
tunnel profile.
Use the detail keyword to display detailed information about the tunnel profile.
Example 1
host1#show ipsec tunnel profile
IPsec tunnel profile ipsec-spg is active with no subscriber
1 IPsec tunnel profile found
Example 2
host1#show ipsec tunnel profile detail ipsec-spg
IPsec tunnel profile ipsec-spg is active with no subscriber
Extended-authentication: pap, no re-authentication
Peer IP characteristics configuration: enabled
Virtual router: default
Local IP address: 10.227.5.31
Local IKE identity: 10.227.5.31
Peer
IKE identity: IP network: not allowed
Maximum subscribers: no limit
Domain suffix: @spg
IP profile: ip-spg
Local IPsec identity: subnet 0.0.0.0 0.0.0.0, proto 0, port 0
Peer IPsec identity: invalid identity
Lifetime: between 1800 and 7200 seconds, and between 100000 and 500000
KB
Reachable networks: none
PFS not configured
Transforms:, tunnel-esp-3des-sha1
Subscribers rejected due to maximum subscribers limit: 0
Completed sessions: 43, totaling 4873 seconds, statistics:
ipsec stats:
outbound:
outboundUserPacketsReceived = 88
outboundUserOctetsReceived
outboundAccPacketsReceived = 88
outboundAccOctetsReceived = 79168
outboundOtherTxErrors = 0
outboundPolicyErrors = 0
inbound:
Chapter 6: Configuring Dynamic IPSec Subscribers
username: *
domain-name: spg.juniper.net
DN: not allowed
= 74544
Monitoring IPSec Tunnel Profiles
191
Advertisement
Table of Contents
Need help?
Do you have a question about the IP SERVICES - CONFIGURATION GUIDE V 11.1.X and is the answer not in the manual?