show crypto spd domain ipsec
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
show crypto spd domain ipsec
To display the security policy database (SPD), use the show crypto spd domain ipsec command.
Syntax Description
interface gigabitethernet slot/port
policy number
Defaults
Displays all SPD information.
Command Modes
EXEC mode.
Command History
Release
2.0(x)
Usage Guidelines
To use this command, IPsec must be enabled using the crypto ipsec enable command.
Examples
The following example shows how to display the SPD.
switch# show crypto spd domain ipsec
Policy Database for interface: GigabitEthernet1/1, direction: Both
#
#
#
#
Policy Database for interface: GigabitEthernet1/2, direction: Both
#
#
#
#
#
Related Commands
Command
crypto ipsec enable
Cisco MDS 9000 Family Command Reference
22-48
show crypto spd domain ipsec [interface gigabitethernet slot/port [policy number]]
Modification
This command was introduced.
0:
deny
udp any port eq 500 any
1:
deny
udp any any port eq 500
2:
permit ip any any
63:
deny
ip any any
0:
deny
udp any port eq 500 any
1:
deny
udp any any port eq 500
3:
permit ip 10.10.50.1 255.255.255.255 10.10.50.2 255.255.255.255
4:
permit ip 10.10.51.1 255.255.255.255 10.10.51.2 255.255.255.255
63:
deny
ip any any
Description
Enables IPsec.
Displays SPD information for a specific Gigabit Ethernet
interface.
Specifies a SPD policy number.
Chapter 22
Show Commands
OL-8413-07, Cisco MDS SAN-OS Release 3.x