R3303-HP HSR6800 Routers Security Command Reference
505
display gdoi ks policy
Use display gdoi ks policy to display policy information for GDOI KS groups.
Syntax
display gdoi ks policy [ group group-name ]
Views
User view
Default command level
1: Monitor level
Parameters
group group-name: Specifies a GDOI KS group by its name, a case-sensitive string of 1 to 63 characters.
If you do not specify this option, the command displays policy information for all GDOI KS groups.
Examples
# Display policy information for all GDOI KS groups.
<Sysname> display gdoi ks policy
Group Name: GDOI-GROUP8
Server IP: 90.1.1.1
Group Name: farg
Server IP: 90.1.1.1
KEK policy:
Rekey transport type : Unicast
SPI : 0xB2DAFC4C36ABC9D416BB15614DCE9F60
Encryption algorithm : AES-CBC-128
Lifetime : 30000 sec
Remaining lifetime : 5995 sec
Signature algorithm : RSA
Signature key name : REKEYRSA
TEK policy:
Encapsulation : Tunnel
SPI : 0x3EE98709
ACL : frag
Transform : ESP-ENCRYPT-DES ESP-AUTH-MD5
Lifetime : 50000 sec
Remaining lifetime : 25996 sec
Table 86 Command output
Field Descri
p
tion
Group Name GDOI KS group name.
Server IP
IP address of the local GDOI KS, which is the IP address configured by the source
address command.
Rekey transport type Rekey transport type: Multicast or Unicast.