Manualshelf

HP VPN Firewall Appliances VPN Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
68
Field Descri
p
tion
IPsec policy name Name of IPsec policy used.
sequence number Sequence number of the IPsec policy.
acl version
ACL version.
If no ACL is referenced, this field displays None.
mode IPsec negotiation mode.
connection id IPsec tunnel identifier.
encapsulation mode Encapsulation mode, transport or tunnel.
perfect forward secrecy Whether the PFC feature is enabled.
DH group
DH group used: 1, 2, 5, or 14.
If no DH group is used, this field is not displayed.
tunnel IPsec tunnel.
local address Local IP address of the IPsec tunnel.
remote address Remote IP address of the IPsec tunnel.
flow Data flow.
sour addr Source IP address of the data flow.
dest addr Destination IP address of the data flow.
port Port number.
protocol Protocol type.
inbound Information of the inbound SA.
spi Security parameter index.
transform-set Security protocol and algorithms used by the IPsec transform set.
sa duration Lifetime of the IPsec SA.
sa remaining key duration Remaining lifetime of the SA.
max sequence-number received
Maximum sequence number of the received packets (relevant to the
anti-replay function provided by the security protocol).
udp encapsulation used for nat
traversal
Whether NAT traversal is enabled for the SA.
outbound Information of the outbound SA.
max sequence-number sent
Maximum sequence number of the sent packets (relevant to the
anti-replay function provided by the security protocol).
anti-replay check enable Whether IPsec anti-replay checking is enabled.
anti-replay window size Size of the anti-replay window.
status
Whether the SA is in the active or standby state.
This field is displayed only when IPsec stateful failover is enabled.
Related commands
reset ipsec sa
ipsec sa global-duration