R3303-HP HSR6800 Routers Security Command Reference
280
Field Descri
p
tion
transform Security protocol and algorithms used by the IPsec transform set.
in use setting IPsec SA attribute setting: transport or tunnel.
connection id IPsec tunnel identifier.
sa duration Lifetime of the IPsec SA.
sa remaining duration Remaining lifetime of the SA.
anti-replay detection Whether IPsec anti-replay detection is enabled.
anti-replay window size(time
based)
Anti-replay window size (time-based), in seconds.
This field is not displayed if IPsec anti-replay detection is not enabled.
anti-replay window (counter
based)
Anti-replay window size (traffic-based). Its value can be 32, 64, 128,
256, 512, or 1024.
This field is not displayed if IPsec anti-replay detection is not enabled.
udp encapsulation used for nat
traversal
Whether NAT traversal is enabled for the SA.
Related commands
• reset ipsec sa
• ipsec sa global-duration
display ipsec statistics
Use display ipsec statistics to display IPsec packet statistics.
Syntax
display ipsec statistics [ tunnel-id integer ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
tunnel-id integer: Specifies an IPsec tunnel by its ID in the range of 1 to 2000000000.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If you do not specify any parameters, the command displays the statistics for all IPsec packets.