HP VPN Firewall Appliances VPN Command Reference
66
Examples
# Display brief information about all IPsec SAs.
<Sysname> display ipsec sa brief
Src Address Dst Address SPI Protocol Algorithm
--------------------------------------------------------
10.1.1.1 10.1.1.2 300 ESP E:DES;
A:HMAC-MD5-96
10.1.1.2 10.1.1.1 400 ESP E:DES;
A:HMAC-MD5-96
Table 16 Command output
Field Descri
p
tion
Src Address Local IP address.
Dst Address Remote IP address.
SPI Security parameter index.
Protocol Security protocol used by IPsec.
Algorithm
Authentication algorithm and encryption algorithm used by the security protocol,
where E indicates the encryption algorithm and A indicates the authentication
algorithm. A value of NULL means that type of algorithm is not specified.
# Display detailed information about all IPsec SAs.
<Sysname> display ipsec sa
===============================
Interface: GigabitEthernet0/1
path MTU: 1500
===============================
-----------------------------
IPsec policy name: "r2"
sequence number: 1
acl version: ACL4
mode: isakmp
-----------------------------
connection id: 3
encapsulation mode: tunnel
perfect forward secrecy:
tunnel:
local address: 2.2.2.2
remote address: 1.1.1.2
flow:
sour addr: 192.168.2.0/255.255.255.0 port: 0 protocol: IP
dest addr: 192.168.1.0/255.255.255.0 port: 0 protocol: IP
[inbound ESP SAs]
spi: 3564837569 (0xd47b1ac1)
transform-set: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa duration (kilobytes/sec): 4294967295/604800