Skip to main content
Viptela is now part of Cisco.
Support
Product Documentation
Viptela Documentation

show ipsec local-sa

show ipsec local-sa—Display security association information for the IPsec tunnels that have been created for local TLOCs (on vEdge routers only).

Command Syntax

show ipsec local-sa
show ipsec local-sa tloc-address [color [spi [(auth-key-hash | encrypt-key-hash | ip | port) ] ] ] ]

Options

None
Display information for the security associations for all IPsec tunnels that originate on the local router. The SA information is listed in order according to the local TLOC address.
Specific SA
tloc-address [color [spi [(auth-key-hash | encrypt-key-hash | ip | port) ] ] ] ]​
Display information for a specific security association.

Output Fields

The value in the Key Hash fields is created by taking the encryption and authentication key hash keys and creating a single hash.

The other output fields are self-explanatory.

Example Output

vEdge# show ipsec local-sa
                                          SOURCE           SOURCE                          SOURCE             
TLOC ADDRESS     TLOC COLOR       SPI     IPv4             IPv6                            PORT    KEY HASH   
--------------------------------------------------------------------------------------------------------------
172.16.255.11    lte              256     10.0.5.11        ::                              12366   *****cfdc  
172.16.255.11    lte              257     10.0.5.11        ::                              12366   *****cfdc

Release Information

Command introduced in Viptela Software Release 14.1.
In Release 15.2, command renamed from show tunnel local-sa.
In Release 16.3, add display for IPv6 source IP addresses.

  • Was this article helpful?