Over the years this question comes up from time to time, and here I am bringing it up again. Has anyone created a way to monitor IPSec sessions (no tunnels) on a router (IOS or IOS-XE)? Hope/desire would be:
- Extract data from "show crypto isakmp sa details"
| C-id | Local | Remote | I-VRF | Status | Encr | Hash | Auth | DH | Lifetime | Cap. |
| 6419 | xxx.xxx.xxx.xxx | xxx.xxx.xxx.xxx | | ACTIVE | aes | sha | psk | 2 | 02:39:30 | DK |
| | Engine-id:Conn-id = SW:1419 | | | | |
- Extract encryption/decryption data from "show crypto ipsec sa peer xxx.xxx.xxx.xxx" and update periodically
Then display all this data in a nice, clean table.
Ideas?
D
(NPM 2019.4)
