R3303-HP HSR6800 Routers Security Command Reference
279
in use setting: Tunnel
connection id: 7
sa duration (kilobytes/sec): 4294967295/604800
sa remaining duration (kilobytes/sec): 1843200/2686
anti-replay detection: Disabled
udp encapsulation used for nat traversal: N/A
status: active
spi: 0xBC1D46C4(3156035268)
transfrom: ESP-ENCRYPT-DES ESP-AUTH-MD5
in use setting: Tunnel
connection id: 8
sa duration (kilobytes/sec): 4294967295/604800
sa remaining duration (kilobytes/sec): 1843200/2686
anti-replay detection: Disabled
Table 41 Command output
Field Descri
p
tion
Interface Interface referencing the IPsec policy.
path MTU Maximum IP packet length supported by the interface.
Protocol Name of the protocol to which the IPsec policy is applied.
IPsec policy name Name of IPsec policy used.
sequence number Sequence number of the IPsec policy.
acl version
ACL version, IPv4 ACL and IPv6 ACL.
If no ACL is referenced, this field displays None.
For an IPsec SA established in GDOI mode, this field is not displayed.
mode IPsec negotiation mode.
PFS Whether the perfect forward secrecy feature is enabled.
DH group Used DH group. Its value can be none, 1, 2, 5, or 14.
tunnel IPsec tunnel.
local address Local IP address of the IPsec tunnel.
remote address Remote IP address of the IPsec tunnel.
flow Data flow.
current outbound spi Value of the SPI used in the outbound direction.
sour addr Source IP address of the data flow.
dest addr Destination IP address of the data flow.
port Port number.
protocol Protocol type.
inbound Information of the inbound SA.
outbound Information of the outbound SA.
spi Security parameter index.