You can use the ikeadm command to do the following:
View aspects of the IKE daemon process
Change the parameters that are passed to the IKE daemon
Display statistics on SA creation during the Phase 1 exchange
Debug IKE processes
See the ikeadm(1M) man page for examples and a full description of this command's options. The privilege level of the running IKE daemon determines which aspects of the IKE daemon can be viewed and modified. You can choose from three levels of privilege.
At the base level of privilege, you cannot view or modify keying material. The base level is the default level at which the in.iked daemon runs.
At the modkeys level of privilege, you can remove, change, and add preshared keys.
At the keymat level of privilege, you can view the actual keying material with the ikeadm command.
The security considerations for the ikeadm command are similar to the considerations for the ipseckey command. See Security Considerations for ipseckey for details.