show vpn site-to-site
In the R81.10.X releases, this command is available starting from the R81.10.00 version.
Description
Shows the global settings for Site-to-Site VPN.
Syntax
Example Output 1
HostName> show vpn site-to-site
mode: on
default-access-to-lan: accept
track: log
local-encryption-domain: auto
encryption-domains:
manual-source-ip-address:
source-ip-address-selection: automatically
outgoing-interface-selection: routing-table
use-dpd-responder-mode: false
tunnel-health-monitor-mode: tunnel-test
ike-v2-global-gateway-id: HostName
HostName>
Example Output 2
HostName> show vpn site-to-site advanced-settings
sync-sa-with-other-cluster-members:200000
period-before-crl-valid: 7200
delete-tunnel-sas-on-tt-fail: true
udp-encapsulation-for-firewalls-and-proxies:true
copy-diff-serv-from-ipsec-packet:false
dpd-triggers-new-ike-negotiation:true
tunnel-test-from-internal: false
outgoing-rulebase-match: false
ike-dos-protection-known-sites:none
enable-link-selection: true
limit-open-sas: 20
copy-diff-serv-to-ipsec-packet:true
delete-ipsec-sas-on-ikes-delete:false
keep-dont-fragment-flag-on-packet:false
log-vpn-packet-handling-errors:log
permanent-tunnel-up-track: log
vpn-tunnel-sharing: subnets
vpn-configuration-and-key-exchange-errors:log
no-local-dns-encrypt: false
is-admin-access-agnostic: true
keep-ikesa-keys: auto-mode
maximum-concurrent-ike-negotiations:200
delete-ike-sas-from-a-dead-peer:true
local-conns-from-internal: false
check-validity-of-ipsec-reply-packets:false
ike-dos-protection-unknown-sites:none
bypass-psl-inspection: false
reply-from-same-ip: true
log-vpn-outgoing-link: none
maximum-concurrent-vpn-tunnels:10000
log-notification-for-administrative-actions:log
log-vpn-successful-key-exchange:log
reply-from-incoming-interface:false
timeout-for-an-rdp-packet-reply:10
perform-ike-using-cluster-ip: true
period-after-crl-not-valid: 1800
permanent-tunnel-down-track: log
ike-use-largest-possible-subnets:true
no-local-conns-encrypt: false
HostName>
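Added example (not part of the vendor documentation): a Python sketch that parses captured output of this command into key/value pairs and reports drift against a baseline, for use in configuration audits. The sample text is constructed in the shape of Example Output 2, and the BASELINE values and function names are hypothetical, not recommended settings.

```python
import re

# Constructed sample in the shape of Example Output 2 (shortened).
SAMPLE = """\
HostName> show vpn site-to-site advanced-settings
sync-sa-with-other-cluster-members:200000
period-before-crl-valid: 7200
ike-dos-protection-unknown-sites:none
check-validity-of-ipsec-reply-packets:false
limit-open-sas: 20
HostName>
"""

# Hypothetical operator baseline; values are illustrative only.
BASELINE = {
    "period-before-crl-valid": "7200",
    "ike-dos-protection-unknown-sites": "none",
    "check-validity-of-ipsec-reply-packets": "false",
    "limit-open-sas": "10",
    "period-after-crl-not-valid": "1800",
}

# A setting line is "key:value" or "key: value"; the value may be empty.
# Prompt lines ("HostName> ...") never match because of the "> ".
LINE = re.compile(r"^([a-z0-9-]+):[ \t]*(.*)$")

def parse_settings(text):
    """Return {key: value} from captured CLI output, skipping prompt lines."""
    settings = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            settings[m.group(1)] = m.group(2).strip()
    return settings

def diff_settings(actual, baseline):
    """Return (changed, missing, extra) relative to the baseline."""
    changed = {k: (baseline[k], actual[k])
               for k in baseline if k in actual and actual[k] != baseline[k]}
    missing = sorted(k for k in baseline if k not in actual)
    extra = sorted(k for k in actual if k not in baseline)
    return changed, missing, extra

if __name__ == "__main__":
    changed, missing, extra = diff_settings(parse_settings(SAMPLE), BASELINE)
    for key, (want, got) in changed.items():
        print(f"CHANGED {key}: baseline={want} actual={got}")
    for key in missing:
        print(f"MISSING {key}")
    for key in extra:
        print(f"NOT IN BASELINE {key}")
```
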