R3303-HP HSR6800 Routers Security Command Reference
276
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If you do not specify any parameters, the command displays information about all IPsec SAs.
Examples
# Display brief information about all IPsec SAs.
<Sysname> display ipsec sa brief
Src Address Dst Address SPI Protocol Algorithm
--------------------------------------------------------
10.1.1.1 10.1.1.2 300 ESP E:DES;
A:HMAC-MD5-96
10.1.1.2 10.1.1.1 400 ESP E:DES;
A:HMAC-MD5-96
Table 40 Command output
Field Descri
p
tion
Src Address
Local IP address. For SAs generated through GDOI policies or SAs generated
through policies that are applied to IPv6 routing protocols, "—" is displayed for
this field.
Dst Address
Remote IP address. For SAs generated through GDOI policies or SAs generated
through policies that are applied to IPv6 routing protocols, "—" is displayed for
this field.
SPI Security parameter index.
Protocol Security protocol used by IPsec.
Algorithm
Authentication algorithm and encryption algorithm used by the security protocol,
where E indicates the encryption algorithm and A indicates the authentication
algorithm. A value of NULL means that type of algorithm is not specified.
# Display detailed information about all IPsec SAs.
<Sysname> display ipsec sa
===============================
Interface: GigabitEthernet3/0/1
path MTU: 1500
===============================
-----------------------------
IPsec policy name: "r2"
sequence number: 1
acl version: ACL4
mode: isakmp
-----------------------------
PFS: N, DH group: none
tunnel: