[root@Fed14 etc]# ipsec statusall 000 Status of IKEv1 pluto daemon (strongSwan 4.6.2): 000 interface lo/lo ::1:500 000 interface lo/lo 127.0.0.1:500 000 interface eth1/eth1 10.10.10.7:500 000 interface eth0/eth0 10.125.47.47:500 000 interface eth2/eth2 20.20.20.2:500 000 interface eth1.400/eth1.400 12.1.1.10:500 000 interface eth1.500/eth1.500 16.1.1.10:500 000 interface eth2.400/eth2.400 11.1.1.1:500 000 interface eth2.500/eth2.500 22.1.1.1:500 000 %myid = '%any' 000 loaded plugins: aes des sha1 sha2 md5 random x509 pkcs1 pkcs8 pgp dnskey pem gmp hmac xauth attr kernel-netlink resolve 000 debug options: none 000 000 "conn502": 10.10.10.0/24===10.10.10.7[C=IN, ST=BLR, O=Wipro Technologies, OU=RA, CN=oms]:1/0...10.10.10.6[10.10.10.6]:1/0===10.10.10.0/24; erouted; eroute owner: #6 000 "conn502": CAs: "O=Wipro Technologies, OU=RA, E=karanjot.singh@wipro.com, L=BLR, ST=BLR, C=IN, CN=NSN ODC Test CA"...%any 000 "conn502": ike_life: 83376s; ipsec_life: 86400s; rekey_margin: 180s; rekey_fuzz: 50%; keyingtries: 0 000 "conn502": dpd_action: restart; dpd_delay: 10s; dpd_timeout: 120s; 000 "conn502": policy: PUBKEY+ENCRYPT+TUNNEL; prio: 24,24; interface: eth1; 000 "conn502": newest ISAKMP SA: #1; newest IPsec SA: #6; 000 "conn502": IKE proposal: 3DES_CBC/HMAC_SHA1/MODP_1024 000 "conn502": ESP proposal: 3DES_CBC/HMAC_SHA1/ 000 000 #6: "conn502" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 202s; newest IPSEC; eroute owner 000 #6: "conn502" esp.c361a998@10.10.10.6 (0 bytes) esp.cd1fefd2@10.10.10.7 (0 bytes); tunnel 000 #5: "conn502" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 149s 000 #5: "conn502" esp.c9efac8d@10.10.10.6 (0 bytes) esp.c1c20f9a@10.10.10.7 (0 bytes); tunnel 000 #4: "conn502" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 103s 000 #4: "conn502" esp.c9adba01@10.10.10.6 (0 bytes) esp.c1a2c0d0@10.10.10.7 (0 bytes); tunnel 000 #3: "conn502" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 55s 000 #3: "conn502" esp.c2df58a4@10.10.10.6 (0 bytes) esp.c96eb76e@10.10.10.7 (0 bytes); tunnel 000 #2: "conn502" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 3s 000 #2: "conn502" esp.c11e8f13@10.10.10.6 (0 bytes) esp.c29abdd9@10.10.10.7 (0 bytes); tunnel 000 #1: "conn502" STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 83079s; newest ISAKMP; DPD active 000 Status of IKEv2 charon daemon (strongSwan 4.6.2): uptime: 3 minutes, since Jun 13 15:40:12 2012 malloc: sbrk 135168, mmap 0, used 81296, free 53872 worker threads: 8 of 16 idle, 7/1/0/0 working, job queue: 0/0/0/0, scheduled: 0 loaded plugins: aes des sha1 sha2 md5 random x509 revocation constraints pubkey pkcs1 pkcs8 pgp pem fips-prf gmp xcbc hmac attr kernel-netlink resolve socket-raw stroke updown Listening IP addresses: 10.10.10.7 10.125.47.47 20.20.20.2 12.1.1.10 16.1.1.10 11.1.1.1 22.1.1.1 Connections: Security Associations (0 up, 0 connecting): none