CLI command for IPSEC tunnel info

Reply
Highlighted
L1 Bithead

CLI command for IPSEC tunnel info

Hello friends,

 

I am looking for cli command to see all the details related to ipsec tunnels configured on the gateway. I need information related to tunnel id, peer ip and their status. Is there any command available ? I can see details under gui but i cant see tunnel id.

 

Please help on this. Thank you.

Tags (3)

Accepted Solutions
Highlighted
L5 Sessionator

Re: CLI command for IPSEC tunnel info

@Joshim,

 

hello, yes you can use below command to see required information.

 

' show vpn flow'

 

Hope this helps !

 

Mayur



Mayur Sutare

View solution in original post


All Replies
Highlighted
L5 Sessionator

Re: CLI command for IPSEC tunnel info

@Joshim,

 

hello, yes you can use below command to see required information.

 

' show vpn flow'

 

Hope this helps !

 

Mayur



Mayur Sutare

View solution in original post

Highlighted
L4 Transporter

Re: CLI command for IPSEC tunnel info

Hi @Joshim,

 

One of the best think I love with Palo Alto is the "find command".

 

If you know what you want to execute, but not sure what is the full correct command you can always run find:

> find command keyword 
  <value>  CLI keyword

> find command keyword vpn
<shortened>
show vpn gateway name <value>
show vpn gateway match <value>
show vpn tunnel name <value>
show vpn tunnel match <value>
show vpn ike-sa gateway <value>
show vpn ike-sa match <value>
show vpn ike-sa detail gateway <value>
show vpn ike-hashurl 
show vpn ipsec-sa tunnel <value>
show vpn ipsec-sa match <value>
show vpn ipsec-sa summary 
show vpn flow name <value>
show vpn flow tunnel-id <1-65535>
<shortened>

 

You can use the find command in user and configure mode. If you run it in configure mode it will show you the set commands that contain your keyword

Highlighted
L1 Bithead

Re: CLI command for IPSEC tunnel info

@SutareMayur , I got expected output using command provided by you. Thank you so much for your help.

Highlighted
L1 Bithead

Re: CLI command for IPSEC tunnel info

@AlexanderAstardzhiev It was informative. Thanks for sharing same.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!