# Task: IPsec — v4.2.0 **Version:** 4.2.0 **Category:** Security **Description:** IKE configuration and IPsec tunnels state **New in this version:** No **IPv6 Support:** No **URL:** https://feature-matrix-imenovsky01a.user.ipf.cx/4.2.0/task/88718062 --- ## Vendor Support Matrix | Vendor / Family | Status | IPv6 | Notes | |-----------------|--------|------|-------| | aws@ec2 | ✓ | — | | | cisco@ios | ✓ | — | | | cisco@ios-xe | ✓ | — | | | cisco@nx-os | ✗ | — | | | cisco@ios-xr | ✗ | — | | | cisco@asa | ✓ | — | | | cisco@wlc-air | ○ | — | | | cisco@sg | ○ | — | | | cisco@ftd | ✗ | — | | | cisco@aci | ○ | — | | | cisco@meraki | ✗ | — | | | cisco@viptela | ✓ | — | | | dell@ftos | ○ | — | | | dell@powerconnect | ○ | — | | | hp@comware | ✗ | — | | | hp@aruba | ○ | — | | | hp@arubasw | ○ | — | | | hp@arubacx | ✗ | — | | | hp@3com | ○ | — | | | riverbed@steelhead | ○ | — | | | fortinet@fortigate | ✓ | — | | | paloalto | ✓ | — | | | juniper@junos | ✓ | — | | | checkpoint@gaia | ✗ | — | | | checkpoint@gaia-embedded | ✗ | — | | | extreme@boss | ○ | — | | | extreme@enterasys | ○ | — | | | extreme@voss | ○ | — | | | extreme@xos | ○ | — | | | arista@eos | ○ | — | | | f5@big-ip | ○ | — | | | huawei@vrp | ✗ | — | | | mikrotik@routeros | ✓ | — | | | quagga | ○ | — | | | frr | ○ | — | | | versa@vos | ✓ | — | | --- ## CLI Commands | Vendor / Family | Command | Notes | |-----------------|---------|-------| | mikrotik@routeros | `/ip ipsec profile print detail` | | | paloalto | `show vpn ike-sa` | | | paloalto | `show vpn ipsec-sa` | | | paloalto | `show vpn tunnel` | | | paloalto | `show interface ` | | | paloalto | `show inteface all` | | | mikrotik@routeros | `/ip ipsec peer print detail` | | | mikrotik@routeros | `/ip ipsec active-peer print detail` | | | mikrotik@routeros | `/ip ipsec policy print detail` | | | mikrotik@routeros | `/ip ipsec identity print detail` | | | mikrotik@routeros | `/ip ipsec installed-sa print detail` | | | paloalto | `show vpn gateway` | | | mikrotik@routeros | `/ip ipsec proposal print detail` | | | mikrotik@routeros | `/ip address print detail` | | | fortinet@fortigate | `get system status` | | | fortinet@fortigate | `diagnose vpn ike gateway list` | | | fortinet@fortigate | `diagnose vpn tunnel list` | | | fortinet@fortigate | `show vpn ipsec phase1` | | | fortinet@fortigate | `show vpn ipsec phase1-interface` | | | versa@vos | `GET /vnms/dashboard/appliance//live?command=orgs/org-services//ipsec/vpn-profile?deep` | | | versa@vos | `GET /vnms/dashboard/appliance//live?command=interfaces?deep` | | | cisco@asa | `show crypto isakmp sa detail` | | | aws@ec2 | `DescribeVpnConnectionsCommand` | | | cisco@ios | `show crypto isakmp sa detail` | | | cisco@ios | `show crypto ikev2 sa detailed` | | | cisco@ios | `show crypto ipsec sa` | | | cisco@ios | `show interfaces` | | | cisco@ios-xe | `show crypto isakmp sa detail` | | | cisco@ios-xe | `show crypto ikev2 sa detailed` | | | cisco@ios-xe | `show crypto ipsec sa` | | | cisco@ios-xe | `show interfaces` | | | cisco@ios-xe | `show run \| inc qos queue-stats-frame-count` | "show run | inc qos queue-stats-frame-count" for selected IOS-XE platforms (cat3k/cat9k) | | aws@ec2 | `DescribeCustomerGatewaysCommand` | | | cisco@asa | `show crypto ipsec sa` | | | cisco@asa | `show interfaces detail` | | | cisco@viptela | `GET /dataservice/device/ipsec/ike/sessions?deviceId=` | | | cisco@viptela | `GET /dataservice/device/ipsec/ike/outbound?deviceId=` | | | cisco@viptela | `GET /dataservice/device/interface?deviceId=` | | | juniper@junos | `show security ike security-associations detail` | | | juniper@junos | `show security ipsec security-associations detail` | | | juniper@junos | `show configuration \| display set \| except "^deactivate"` | | | paloalto | `show vpn flow tunnel-id ` | | --- ## Legend - **✓** = Fully Integrated - **✗** = Not Yet Integrated - **○** = Not Available *Generated: 2026-04-16T20:19:30.617Z*