CLI command for IPSEC tunnel info

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

CLI command for IPSEC tunnel info

L1 Bithead

Hello friends,

 

I am looking for cli command to see all the details related to ipsec tunnels configured on the gateway. I need information related to tunnel id, peer ip and their status. Is there any command available ? I can see details under gui but i cant see tunnel id.

 

Please help on this. Thank you.

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

@Joshim,

 

hello, yes you can use below command to see required information.

 

' show vpn flow'

 

Hope this helps !

 

Mayur

M

View solution in original post

4 REPLIES 4

Cyber Elite
Cyber Elite

@Joshim,

 

hello, yes you can use below command to see required information.

 

' show vpn flow'

 

Hope this helps !

 

Mayur

M

Hi @Joshim,

 

One of the best think I love with Palo Alto is the "find command".

 

If you know what you want to execute, but not sure what is the full correct command you can always run find:

> find command keyword 
  <value>  CLI keyword

> find command keyword vpn
<shortened>
show vpn gateway name <value>
show vpn gateway match <value>
show vpn tunnel name <value>
show vpn tunnel match <value>
show vpn ike-sa gateway <value>
show vpn ike-sa match <value>
show vpn ike-sa detail gateway <value>
show vpn ike-hashurl 
show vpn ipsec-sa tunnel <value>
show vpn ipsec-sa match <value>
show vpn ipsec-sa summary 
show vpn flow name <value>
show vpn flow tunnel-id <1-65535>
<shortened>

 

You can use the find command in user and configure mode. If you run it in configure mode it will show you the set commands that contain your keyword

@SutareMayur , I got expected output using command provided by you. Thank you so much for your help.

@aleksandar.astardzhiev It was informative. Thanks for sharing same.

  • 1 accepted solution
  • 25120 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!