Confirm IPsec roles using CLI

Overview

In IPsec each endpoint can be an initiator or a responder. If your IPsec tunnel is configured to accept connections from any IP address, then it is a responder. Otherwise it is an initiator. This detail may be useful when troubleshooting IPsec tunnel issues. 

If you do not have UI access and you wish to determine the IPsec role using CLI, you can run the following command to download and execute a script to show the role for each tunnel.

For NG Firewall

curl -k https://support.edge.arista.com/hc/en-us/article_attachments/15758294213911/ipsec_get_roles | python3

For Micro Edge

curl -k https://support.edge.arista.com/hc/en-us/article_attachments/15760904867607/ipsec_get_roles_me | python3
Follow
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk