# Task: IPsec — v7.3.0 **Version:** 7.3.0 **Category:** Security **Description:** IKE configuration and IPsec tunnels state **New in this version:** No **IPv6 Support:** No **URL:** https://feature-matrix-imenovsky01a.user.ipf.cx/7.3.0/task/90374999 --- ## Vendor Support Matrix | Vendor / Family | Status | IPv6 | Notes | |-----------------|--------|------|-------| | aws | ✓ | — | | | alcatel@aos | ✗ | — | | | azure | ✓ | — | | | brocade@fastiron | ✗ | — | | | cisco@ios | ✓ | — | | | cisco@ios-xe | ✓ | — | | | cisco@nx-os | ✗ | — | | | cisco@ios-xr | ✗ | — | | | cisco@asa | ✓ | — | | | cisco@wlc-air | ○ | — | | | cisco@sg | ○ | — | | | cisco@ftd | ✗ | — | | | cisco@aci | ○ | — | | | cisco@meraki | ✗ | — | | | cisco@viptela | ✓ | — | | | cisco@apic | ○ | — | | | cisco@encs | ✗ | — | | | dell@ftos | ○ | — | | | dell@powerconnect | ○ | — | | | dell@os10 | ○ | — | | | fs@fsos | ✗ | — | | | gcp | ✓ | — | | | hpe@comware | ✗ | — | | | hpe@aruba | ○ | — | | | hpe@arubasw | ○ | — | | | hpe@arubacx | ✗ | — | | | hpe@3com | ○ | — | | | hpe@aruba-iap | ○ | — | | | riverbed@steelhead | ○ | — | | | fortinet@fortigate | ✓ | — | | | fortinet@fortiswitch | ✗ | — | | | forcepoint@ngfw | ✓ | — | | | paloalto@pan-os | ✓ | — | | | paloalto@prisma | ✗ | — | | | juniper@junos | ✓ | — | | | juniper@mist | ○ | — | | | checkpoint@gaia | ✗ | — | | | checkpoint@gaia-embedded | ✗ | — | | | extreme@boss | ○ | — | | | extreme@enterasys | ○ | — | | | extreme@voss | ○ | — | | | extreme@exos | ○ | — | | | arista@eos | ○ | — | | | f5@big-ip | ○ | — | | | huawei@vrp | ✗ | — | | | mikrotik@routeros | ✓ | — | | | quagga | ○ | — | | | frr | ○ | — | | | versa@vos | ✓ | — | | | silverpeak@unity | ✗ | — | | | vmware@nsx-t | ✗ | — | | | vmware@velocloud | ✗ | — | | | ruckus@vsz | ✗ | — | | | opengear@og | ✗ | — | | | opengear@og-om | ✗ | — | | | stormshield@sn | ✓ | — | | | nokia@timos | ✗ | — | | | citrix@adc | ✗ | — | | --- ## CLI Commands | Vendor / Family | Command | Notes | |-----------------|---------|-------| | mikrotik@routeros | `/ip/dns/cache/print detail` | | | forcepoint@ngfw | `GET /elements/[single_fw\|virtual_fw\|fw_cluster]/` | | | forcepoint@ngfw | `GET /elements` | | | forcepoint@ngfw | `ip -s -s -d link` | | | forcepoint@ngfw | `sg-status -l` | | | fortinet@fortigate | `show system interface` | | | fortinet@fortigate | `show vpn ipsec phase1-interface` | | | fortinet@fortigate | `show vpn ipsec phase1` | | | fortinet@fortigate | `diagnose vpn tunnel list` | | | fortinet@fortigate | `diagnose vpn ike gateway list` | | | fortinet@fortigate | `get system status` | | | forcepoint@ngfw | `GET /elements/[single_fw\|virtual_fw\|fw_cluster]//internal_gateway/` | | | mikrotik@routeros | `/ip dns cache print detail` | | | mikrotik@routeros | `/ip address print detail` | | | mikrotik@routeros | `/ip ipsec proposal print detail` | | | mikrotik@routeros | `/ip ipsec profile print detail` | | | mikrotik@routeros | `/ip ipsec installed-sa print detail` | | | mikrotik@routeros | `/ip ipsec identity print detail` | | | mikrotik@routeros | `/ip ipsec policy print detail` | | | mikrotik@routeros | `/ip ipsec active-peer print detail` | | | mikrotik@routeros | `/ip ipsec peer print detail` | | | stormshield@sn | `cat /usr/Firewall/ConfigFiles/VPN/` | | | stormshield@sn | `netstat -rn -f inet` | | | stormshield@sn | `ifconfig -a` | | | stormshield@sn | `monitor getsa` | | | stormshield@sn | `monitor getikesa` | | | stormshield@sn | `config object list type=all` | | | stormshield@sn | `cat /usr/Firewall/ConfigFiles/VPN/slotinfo` | | | stormshield@sn | `cat /usr/Firewall/ConfigFiles/VPN/ph2profile` | | | stormshield@sn | `cat /usr/Firewall/ConfigFiles/VPN/ph1profile` | | | stormshield@sn | `cat /usr/Firewall/ConfigFiles/VPN/peer` | | | paloalto@pan-os | `show inteface all` | | | versa@vos | `GET /vnms/dashboard/appliance//live?command=interfaces?deep` | | | versa@vos | `GET /vnms/dashboard/appliance//live?command=orgs/org-services//ipsec/vpn-profile?deep` | | | forcepoint@ngfw | `GET /elements/mgt_server/` | | | forcepoint@ngfw | `GET /elements/external_gateway//external_endpoint/` | | | forcepoint@ngfw | `GET /elements/external_gateway/` | | | forcepoint@ngfw | `POST /monitoring_status` | | | forcepoint@ngfw | `GET /elements/rbvpn_tunnel/` | | | forcepoint@ngfw | `GET /elements/[single_fw\|virtual_fw\|fw_cluster]//internal_gateway//internal_endpoint/` | | | forcepoint@ngfw | `GET /elements/gateway_profile/` | | | azure | `GET /vpnSites` | | | cisco@ios-xe | `show run \| inc qos queue-stats-frame-count` | "show run | inc qos queue-stats-frame-count" for selected IOS-XE platforms (cat3k/cat9k) | | cisco@ios-xe | `show interfaces` | | | cisco@ios-xe | `show crypto ipsec sa` | | | cisco@ios-xe | `show crypto ikev2 sa detailed` | | | cisco@ios-xe | `show crypto isakmp sa detail` | | | cisco@ios | `show interfaces` | | | cisco@ios | `show crypto ipsec sa` | | | cisco@ios | `show crypto ikev2 sa detailed` | | | cisco@ios | `show crypto isakmp sa detail` | | | cisco@asa | `show crypto isakmp sa detail` | | | azure | `GET /vpnGateways//vpnConnection//vpnLinkConnections//getikesas` | | | azure | `GET /vpnGateways` | | | azure | `GET /virtualNetworkGateways` | | | azure | `GET /virtualNetworks` | | | azure | `GET /publicIPAddresses` | | | azure | `GET /localNetworkGateways` | | | azure | `GET /connections//getikesas` | | | azure | `GET /connections` | | | aws | `SDK ec2:DescribeVpnConnectionsCommand` | | | gcp | `GET /compute/v1/projects//aggregated/vpnTunnels` | | | paloalto@pan-os | `show interface ` | | | paloalto@pan-os | `show vpn tunnel` | | | paloalto@pan-os | `show vpn ipsec-sa` | | | paloalto@pan-os | `show vpn ike-sa` | | | paloalto@pan-os | `show vpn gateway` | | | paloalto@pan-os | `show vpn flow tunnel-id ` | | | juniper@junos | `show configuration \| display set \| except "^deactivate"` | | | juniper@junos | `show security ipsec security-associations detail` | | | juniper@junos | `show security ike security-associations detail` | | | aws | `SDK ec2:DescribeCustomerGatewaysCommand` | | | gcp | `GET /compute/v1/projects//aggregated/vpnGateways` | | | gcp | `GET /compute/v1/projects//aggregated/targetVpnGateways` | | | gcp | `GET /compute/v1/projects//aggregated/forwardingRules` | | | gcp | `GET /compute/v1/projects//global/networks` | | | cisco@viptela | `GET /dataservice/device/interface?deviceId=` | | | cisco@viptela | `GET /dataservice/device/ipsec/ike/outbound?deviceId=` | | | cisco@viptela | `GET /dataservice/device/ipsec/ike/sessions?deviceId=` | | | cisco@asa | `show interfaces detail` | | | cisco@asa | `show crypto ipsec sa` | | --- ## Legend - **✓** = Fully Integrated - **✗** = Not Yet Integrated - **○** = Not Available *Generated: 2026-04-16T18:40:38.341Z*