R3303-HP HSR6800 Routers Security Command Reference

| Field | Description |
|---|---|
| rule 0 deny udp source-port eq 848 destination-port eq 848 | Indicates that any UDP packets whose source and destination port numbers are both 848 do not need to be protected by IPsec. |
| rule 1 deny ospf | Indicates that OSPF protocol packets do not need to be protected by IPsec. |
| rule 2 permit icmp | Indicates that any ICMP packets need to be protected by IPsec. |
| Rekey transport type | Transport type of rekey messages: Multicast or Unicast. |
| Lifetime (sec) | KEK lifetime, in seconds. |
| Encrypt algorithm | KEK encryption algorithm. |
| Key size | KEK key length. |
| Sig hash algorithm | KEK signature hash algorithm. |
| Sig key length (bit) | KEK signature key length, in bits. |
| Interface | Name of the interface bound to the TEK. |
| Transform | Transform set. |
| anti-replay window size(time based) | Time-based anti-replay window size, in seconds. This field is displayed only when anti-replay detection is enabled. |
| anti-replay window size(counter based) | Traffic-based anti-replay window size: 32, 64, 128, 256, 512, or 1024, in packets. This field is displayed only when anti-replay detection is enabled. |

display gdoi gm acl
Use display gdoi gm acl to display ACL information for GMs.
Syntax
display gdoi gm acl [ download | local ] [ group group-name ] [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
download: Displays the ACL information that the GM downloaded from the KS.
local: Displays the ACL information locally configured on the GM.
group group-name: Displays ACL information for GMs of a GDOI GM group. The group-name argument
is the GDOI GM group name, a case-sensitive string of 1 to 63 characters. If you do not specify this
option, the command displays ACL information for all GMs.