Oracle Cloud Infrastructure Documentation

Getting an IPSec Tunnel's Details

Get configuration details for an IPSec tunnel in an IPSec connection.

When you successfully create the IPSec connection, Oracle produces important configuration information for each of the resulting IPSec tunnels. You can view that information and the status of the tunnels at any time. This includes the BGP status if the tunnel is configured to use BGP dynamic routing.

    1. On the Site-to-Site VPN list page, select the IPSec connection that contains the tunnel you want to work with. If you need help finding the list page or the IPSec connection, see Listing IPSec Connections.
    2. On the details page, perform one of the following actions depending on the option that you see:
      • Select the Tunnels tab, then select the name of the tunnel you want to work with.
      • Scroll down to the table following the IPSec connection details, which lists the IPSec tunnels in the IPSec connection. Then select the name of the tunnel you want to work with.
    3. To view a tunnel's shared secret, perform one of the following actions depending on the option that you see:
      • Next to Shared secret on the tunnel details tab, select the Actions menu Actions Menu and then select Show.
      • Next to Shared secret on the tunnel information tab, select Show.
    4. To change a tunnel's shared secret, perform one of the following actions depending on the option that you see:
      • Next to Shared secret on the tunnel details tab, select the Actions menu Actions Menu and then select Edit.
      • Next to Shared secret on the tunnel information tab, select Edit.

      From here, you can enter a new value for the shared secret. Only numbers, letters, and spaces are allowed. Then select Save Changes.

    5. To view Phase one (ISAKMP) information and Phase two (IPSec) information, select the Phase details tab.
    6. To view a tunnel's BGP advertised and received routes (including the AS PATH for each route) perform one of the following actions depending on the option that you see:
      • Select either the BGP Routes Received tab or the BGP Routes Advertised tab.
      • Under Resources, select either BGP Routes Received or BGP Routes Advertised.
    7. To access the CPE Configuration Helper from this location, perform one of the following actions depending on the option that you see:
      • Select Open CPE configuration helper.
      • Select the Actions button, then select Open CPE configuration helper.

      The helper opens on the right side of the page.

      It shows information such as the CPE's public IP address and vendor. See Get CPE Device Configuration Information for more about using the helper.

  • Use the network ip-sec-tunnel get command and required parameters to get configuration details for an IPSec tunnel:

    oci network ip-sec-tunnel get --ipsc-id ipsec-ocid --tunnel-id tunnel-ocid ... [OPTIONS]

    Use the network ip-sec-psk get command and required parameters to get the specified tunnel's shared secret (pre-shared key):

    oci network ip-sec-psk get --ipsc-id ipsec-ocid --tunnel-id tunnel-ocid ... [OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the GetIPSecConnectionTunnel operation to get configuration details for an IPSec tunnel.

    Run the GetIPSecConnectionTunnelSharedSecret operation to get the specified tunnel's shared secret (pre-shared key).