R3303-HP HSR6800 Routers Security Configuration Guide
90
Group Server List : 100.1.1.100
Group Member : 1.1.1.1
Registration status : Registered
Registered with : 100.1.1.100
Re-register in : 81 sec
Succeeded registrations : 1
Attempted registrations : 1
Last rekey from : 100.1.1.100
Last rekey seq num : 1
Multicast rekeys received: 0
Allowable rekey cipher : Any
Allowable rekey hash : Any
Allowable transform : Any
Rekeys Cumulative
Total received : 129
After latest registration: 129
Rekey received (hh:mm:ss): 00:00:57
ACL Downloaded From KS 100.1.1.100:
rule 0 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.2.0 0.0.0.255
rule 1 permit ip source 10.1.2.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
rule 2 permit ip source 10.1.1.0 0.0.0.255 destination 10.1.3.0 0.0.0.255
rule 3 permit ip source 10.1.3.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
KEK Policy:
Rekey transport type : Multicast
Lifetime (sec) : 243
Encrypt algorithm : AES
Key size : 128
Sig hash algorithm : SHA1
Sig key length (bit) : 2048
TEK Policy:
Interface Ethernet1/1:
IPsec SA:
SPI: 0x640321A(104870426)
Transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
SA timing:
remaining key lifetime (sec): 123
Anti-replay detection: Disabled
Packets between subnet 10.1.1.0/24 and subnet 10.1.2.0/24 are encrypted/de-encrypted by GM 1 and
GM 2.
# Display GM information on KS 1.
<KS1> display gdoi ks members
Group Name: ks1
Group member ID : 1.1.1.1