diff options
author | Christian Breunig <christian@breunig.cc> | 2024-07-13 17:13:03 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-07-13 17:13:03 +0200 |
commit | e8b2a6cd9605676c5cbf302d0a6c367bcfcf1ce9 (patch) | |
tree | fcc9c9936db5ef8580322536571e5979784bda66 /docs | |
parent | 48df581e8a0bd0be776c5494ff52e6da704081d0 (diff) | |
parent | cd1dcb5d8e66e3431415ebf31a2d5902b30c1ffc (diff) | |
download | vyos-documentation-e8b2a6cd9605676c5cbf302d0a6c367bcfcf1ce9.tar.gz vyos-documentation-e8b2a6cd9605676c5cbf302d0a6c367bcfcf1ce9.zip |
Merge pull request #1505 from srividya0208/ipsecre
ipsec: Added information about operational commands
Diffstat (limited to 'docs')
-rw-r--r-- | docs/configuration/vpn/ipsec.rst | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst index 172b3c64..c1ec645f 100644 --- a/docs/configuration/vpn/ipsec.rst +++ b/docs/configuration/vpn/ipsec.rst @@ -567,3 +567,71 @@ be imported. During profile import, the user is asked to enter its IPSec credentials (username and password) which is stored on the mobile. + +Operation Mode +============== + +.. opcmd:: show vpn ike sa + + Show all currently active IKE Security Associations. + +.. opcmd:: show vpn ike sa nat-traversal + + Show all currently active IKE Security Associations (SA) that are using + NAT Traversal. + +.. opcmd:: show vpn ike sa peer <peer_name> + + Show all currently active IKE Security Associations (SA) for a specific + peer. + +.. opcmd:: show vpn ike secrets + + Show all the configured pre-shared secret keys. + +.. opcmd:: show vpn ike status + + Show the detailed status information of IKE charon process. + +.. opcmd:: show vpn ipsec connections + + Show details of all available VPN connections + +.. opcmd:: show vpn ipsec policy + + Print out the list of existing crypto policies + +.. opcmd:: show vpn ipsec sa + + Show all active IPsec Security Associations (SA) + +.. opcmd:: show vpn ipsec sa detail + + Show a detailed information of all active IPsec Security Associations (SA) + in verbose format. + +.. opcmd:: show vpn ipsec state + + Print out the list of existing in-kernel crypto state + +.. opcmd:: show vpn ipsec status + + Show the status of running IPsec process and process ID. + +.. opcmd:: restart ipsec + + Restart the IPsec VPN process and re-establishes the connection. + +.. opcmd:: reset vpn ipsec site-to-site all + + Reset all site-to-site IPSec VPN sessions. It terminates all active + child_sa and reinitiates the connection. + +.. opcmd:: reset vpn ipsec site-to-site peer <name> + + Reset all tunnels for a given peer, can specify tunnel or vti interface. + It terminates a specific child_sa and reinitiates the connection. + +.. opcmd:: show log ipsec + + Show logs for IPsec |