Table of ContentsLibraryView in Frames

Displaying existing security policies

You can use the ipsec policy show command to display the contents of the Security Policies Database (SPD), either in its entirety or by combinations of parameters

Considerations

You can display the contents of the Security Policies Database (SPD) by a combination of thse parameters:

  • Source and destination addresses
  • Security protocol (AH or ESP)
  • Direction (relative to your storage system)
  • Specifications of upper-level protocols

Step

  1. At your storage system command line, enter the following command: ipsec policy show [-s src_ip] [-t dst_ip] [-f ip_protocol] [-d {in|out}] [-p {esp|ah}]

Example

The following example displays security policy information for the device that has a source IP address (-s) of 10.56.19.172:

ipsec policy show -s 10.56.19.172 

Index IPAddress /prefix/port/protocol Dir/Policy Alg/SecLevel
----------------------------------- ------
1 10.56.19.172 / 0/ [any ]/any in /IPSEC esp/Default
Parent topic: Security policies and IPsec

Copyright © 1994-2008, NetApp, Inc. All rights reserved.
Part No. 210-04300_A0
Updated for Data ONTAP 7.3.1 on 12 December 2008