Command:  

show crypto isakmp policy


Mode:

Router#
Router>


Syntax:

show crypto isakmp policy


Syntax Description:

This command has no arguments or keywords.
 

Command Description:

To view the parameters for each Internet Key Exchange (IKE) policy, use the show crypto isakmp policycommand command in EXEC mode.


Example:

The following is sample output from the show crypto isakmp policycommand, after two IKE policies have been configured (with priorities 15 and 20, respectively):

Router# show crypto isakmp policy

Protection suite priority 15

        encryption algorithm:    DES - Data Encryption Standard (56 bit keys)

        hash algorithm:  Message Digest 5

        authentication method:   Rivest-Shamir-Adleman Signature

        Diffie-Hellman Group:    #2 (1024 bit)

        lifetime:      5000 seconds, no volume limit

Protection suite priority 20

        encryption algorithm:    DES - Data Encryption Standard (56 bit keys)

        hash algorithm: Secure Hash Standard

        authentication method:   preshared Key

        Diffie-Hellman Group:    #1 (768 bit)

        lifetime:      10000 seconds, no volume limit

Default protection suite

        encryption algorithm:    DES - Data Encryption Standard (56 bit keys)

        hash algorithm: Secure Hash Standard

        authentication method:   Rivest-Shamir-Adleman Signature

        Diffie-Hellman Group:    #1 (768 bit)

        lifetime:      86400 seconds, no volume limit

The following sample output from the show crypto isakmp policycommand displays a warning message after a user tries to configure an IKE encryption method that the hardware does not support:

Router#  show crypto isakmp policy

Protection suite of priority 1

encryption algorithm: AES - Advanced Encryption Standard (256 bit keys).

WARNING:encryption hardware does not support the configured

encryption method for ISAKMP policy 1

hash algorithm: Secure Hash Standard

authentication method: Pre-Shared Key

Diffie-Hellman group: #1 (768 bit)

lifetime: 3600 seconds, no volume limit

 

Misconceptions:

None


Related commands:

 

crypto isakmp policy


© Cisco Systems, Inc. 2001, 2002
World Wide Education








Converted from CHM to HTML with chm2web Pro 2.85 (unicode)