diff options
| author | srividya0208 <a.srividya@vyos.io> | 2024-07-12 02:03:37 -0400 | 
|---|---|---|
| committer | Mergify <37929162+mergify[bot]@users.noreply.github.com> | 2024-07-13 15:14:10 +0000 | 
| commit | dc6ec3b9659871f5087252680dc8370d00a30e92 (patch) | |
| tree | 63fa5e23c1bf8b28c42ec85aab5beea99b315279 /docs | |
| parent | f06fc4d6a888e5c2d6803b36a2e810fd310e043e (diff) | |
| download | vyos-documentation-dc6ec3b9659871f5087252680dc8370d00a30e92.tar.gz vyos-documentation-dc6ec3b9659871f5087252680dc8370d00a30e92.zip | |
ipsec: Added information about operational commands
(cherry picked from commit cd1dcb5d8e66e3431415ebf31a2d5902b30c1ffc)
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/configuration/vpn/ipsec.rst | 68 | 
1 files changed, 68 insertions, 0 deletions
| diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst index d33ae37e..62b4becd 100644 --- a/docs/configuration/vpn/ipsec.rst +++ b/docs/configuration/vpn/ipsec.rst @@ -568,3 +568,71 @@ be imported.  During profile import, the user is asked to enter its IPSec credentials  (username and password) which is stored on the mobile. + +Operation Mode +============== + +.. opcmd:: show vpn ike sa + +   Show all currently active IKE Security Associations. + +.. opcmd:: show vpn ike sa nat-traversal + +   Show all currently active IKE Security Associations (SA) that are using +   NAT Traversal. + +.. opcmd:: show vpn ike sa peer <peer_name> + +   Show all currently active IKE Security Associations (SA) for a specific +   peer. + +.. opcmd:: show vpn ike secrets + +   Show all the configured pre-shared secret keys. + +.. opcmd:: show vpn ike status + +   Show the detailed status information of IKE charon process. + +.. opcmd:: show vpn ipsec connections + +   Show details of all available VPN connections + +.. opcmd:: show vpn ipsec policy + +   Print out the list of existing crypto policies + +.. opcmd:: show vpn ipsec sa + +   Show all active IPsec Security Associations (SA) + +.. opcmd:: show vpn ipsec sa detail + +   Show a detailed information of all active IPsec Security Associations (SA) +   in verbose format. + +.. opcmd:: show vpn ipsec state + +   Print out the list of existing in-kernel crypto state + +.. opcmd:: show vpn ipsec status + +   Show the status of running IPsec process and process ID. + +.. opcmd:: restart ipsec + +   Restart the IPsec VPN process and re-establishes the connection. + +.. opcmd:: reset vpn ipsec site-to-site all + +   Reset all site-to-site IPSec VPN sessions. It terminates all active  +   child_sa and reinitiates the connection. + +.. opcmd:: reset vpn ipsec site-to-site peer <name> + +   Reset all tunnels for a given peer, can specify tunnel or vti interface. +   It terminates a specific child_sa and reinitiates the connection. + +.. opcmd:: show log ipsec + +   Show logs for IPsec | 
