Viewing Cisco TrustSec FC Link Encryption Information
Viewing Cisco TrustSec FC Link Encryption Information
You can view information about the Cisco TrustSec FC Link Encryption feature using the show commands
Fabric Manager or Device Manager.
This section covers the following topics:
Viewing FC-SP Interface Information
Use the show fcsp interface command to show all FC-SP-related information for a specific interface.
switch# show fcsp interface fc7/41
fc7/41:
fcsp authentication mode:SEC_MODE_OFF
ESP is enabled
configured mode is: GCM
programmed ingress SA: 300, 303
programmed egress SA: 300
Status:FC-SP protocol in progress
Viewing Running System Information
Use the show running-config fcsp command to show all the run-time information relevant to FC-SP. All
details about ESP and configured interfaces are displayed. Use this command to determine which ports are
using SA.
switch# show running-config fcsp
version 4.1(2)
feature fcsp
fcsp esp sa 300
key 0x00000000000000000000000000123456
salt 0x123456
fcsp esp sa 301
key 0x00000000000000000000000000123456
salt 0x1234567
fcsp esp sa 302
key 0x00000000000000000000000000123456
salt 0x123456
interface fc8/48
fcsp off
fcsp esp manual
ingress-sa 300
ingress-sa 301
egress-sa 300
Viewing FC-SP Interface Statistics
Use the show fcsp interface statistics command to show all statistics related to DHCHAP and ESP for an
interface. The ESP statistics shown depend on the ESP supported by the port ASIC.
switch# show fcsp interface fc3/31 statistics
fc7/41:
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
270
Configuring Cisco TrustSec Fibre Channel Link Encryption