You can use the ipsec stats command to verify IPsec
configuration, monitor protocol processing, and display IPsec
violations.
The ipsec stats
command displays the following statistics:
- Total number of IPsec packets processed inbound and outbound
- Total number of AH and ESP packets processed
- Total number of AH and ESP processing failures
- Total number of failures and successes of AH and ESP replay
windows
The anti-replay service window protects against replay
attacks. It keeps track of the following statistics:
-
Transmit and receive violations, which might be any of the
following:
- Improper or missing policies
- Improper or missing security associations
- Successful and failed IKE exchanges