Concept Guide
show crypto-local isakmp
show crypto-local isakmp
allow-via-subnet-routes
ca-certificate
certificate-group
disable-aggressive-mode
dpd
key [peer <peer-ip> | fqdn <ike-id-fqdn>]
server-certificate
xauth
Descriptions
This command displays Internet Key Exchange (IKE) parameters for the Internet Security Association and Key
Management Protocol (ISAKMP).
Syntax
Parameter Description
allow-via-subnet-routes
Shows if the controller is configured to accept subnet
routes from VIA clients.
ca-certificate
Shows all the Certificate Authority (CA) certificate
associated with VPN clients.
certificate-group
Shows the existing certificate groups by server
certificate name and CA certificate.
disable-aggressive-mode
Shows if aggressive-mode is enabled or disabled.
dpd
Shows the IKE Dead Peer Detection (DPD)
configuration on the local controller.
key [peer <peer-ip> | fqdn <ike-id-fqdn>]
Shows the IKE pre-shared key on the local controller
for site-to-site VPN. This is includes keys configured
by Fully Qualified Domain Name (FQDN) and local
and global keys configured by IP address.
server-certificate
Shows all the IKE server certificates used to
authenticate the controller for VPN clients.
xauth
Shows the IKE XAuth configuration for VPN clients.
Usage Guidelines
Use the show crypto-local isakmp command to view IKE parameters.
Examples
This example shows sample output for the show crypto-local isakmp allow-via-subnet-routes, show
crypto-local ca-certificate, show crypto-local dpd, show crypto-local key, show crypto-local server-
Dell Networking W-Series ArubaOS 6.5.x | Reference Guide show crypto-local isakmp | 1418