You can see the policies that are configured in the system when you issue the ipsecconf command without any arguments.
You must run the ipsecconf command in the global zone. For an exclusive-IP zone, you run the ipsecconf command in the non-global zone.
Assume a role that includes the Network IPsec Management profile, or become superuser.
If you are running a release prior to the Solaris 10 4/09 release, the Network IPsec Management profile is not available. Use the Network Security profile.
To create a role that includes a network security profile and assign that role to a user, see How to Configure a Role for Network Security.
Display IPsec policies.
Display the global IPsec policy entries in the order that the entries were added.
$ ipsecconf |
The command displays each entry with an index followed by a number.
Display the IPsec policy entries in the order in which a match occurs.
$ ipsecconf -l |
Display the IPsec policy entries, including per-tunnel entries, in the order in which a match occurs.
$ ipsecconf -L |