R3303-HP HSR6800 Routers Security Command Reference
271
Field Descri
p
tion
encapsulation mode
IPsec packet encapsulation mode:
• tunnel—Tunnel mode.
• transport—Transport mode.
selector mode
Data flow protection mode of the IPsec policy, standard or
aggregation.
ike-peer name IKE peer referenced by the IPsec policy.
PFS Whether perfect forward secrecy is enabled.
DH group Used DH group. Its value can be 1, 2, 5, or 14.
tunnel local address Local IP address of the tunnel.
tunnel remote address Remote IP address of the tunnel.
transform-set name Transform set referenced by the IPsec policy.
policy enable Whether the IPsec policy is enabled or not.
tfc enable Whether TFC padding is enabled.
inbound/outbound AH/ESP setting
AH/ESP settings in the inbound/outbound direction, including the
SPI and keys.
group name
GDOI group name.
Support for this field depends on the device model.
Related commands
ipsec policy (system view)
display ipsec policy-template
Use display ipsec policy-template to display information about IPsec policy templates.
Syntax
display ipsec policy-template [ brief | name template-name [ seq-number ] ] [ | { begin | exclude |
include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
brief: Displays brief information about all IPsec policy templates.
name: Displays detailed information about a specific IPsec policy template or IPsec policy template
group.
template-name: Specifies the name of the IPsec policy template, a string of 1 to 41 characters.
seq-number: Specifies the sequence number of the IPsec policy template, in the range of 1 to 10000.