Manualshelf

HP VPN Firewall Appliances VPN Command Reference

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
73
connection id: 5
perfect forward secrecy:
SA's SPI:
inbound: 12345 (0x3039) [ESP]
outbound: 12345 (0x3039) [ESP]
tunnel:
flow:
# Display information about IPsec tunnels in aggregation mode.
<Sysname> display ipsec tunnel
total tunnel: 2
------------------------------------------------
connection id: 4
status: active
perfect forward secrecy:
SA's SPI:
inbound : 2454606993 (0x924e5491) [ESP]
outbound : 675720232 (0x2846ac28) [ESP]
tunnel :
local address: 44.44.44.44
remote address : 44.44.44.45
flow :
as defined in acl 3001
Table 20 Command output
Field Descri
p
tion
connection id Connection ID, used to uniquely identify an IPsec Tunnel.
status
Whether the tunnel is in the active or standby state.
This field is displayed only when IPsec stateful failover is enabled.
perfect forward secrecy
Perfect forward secrecy, indicating which DH group is to be used for fast
negotiation mode in IKE phase 2.
SA's SPI SPIs of the inbound and outbound SAs.
tunnel Local and remote addresses of the tunnel.
flow
Data flow protected by the IPsec tunnel, including source IP address,
destination IP address, source port, destination port and protocol.
as defined in acl 3001 The IPsec tunnel protects all data flows defined by ACL 3001.
encapsulation-mode
Use encapsulation-mode to set the encapsulation mode that the security protocol uses to encapsulate IP
packets.
Use undo encapsulation-mode to restore the default.
Syntax
encapsulation-mode { transport | tunnel }
undo encapsulation-mode