How to Display IPsec Policies

You can see the policies that are configured in the system when you issue the ipsecconf command without any arguments.

Before You Begin

You must run the ipsecconf command in the global zone.

1. Assume a role that includes the Network IPsec Management profile, or become superuser.

   To create a role that includes a network security profile and assign that role to a user, see How to Configure a Role for Network Security.

2. Display IPsec policies.

   1. Display the global IPsec policy entries in the order that the entries were added.

      $ ipsecconf

      The command displays each entry with an index followed by a number.

   2. Display the IPsec policy entries in the order in which a match occurs.

      $ ipsecconf -l

   3. Display the IPsec policy entries, including per-tunnel entries, in the order in which a match occurs.

      $ ipsecconf -L