Setup guide
Property Description
local-address (read-only: IP address) - local ISAKMP SA address
remote-address (read-only: IP address) - peer's IP address
state (read-only: text) - state of phase 1 negotiation with the peer
• established - normal working state
side (multiple choice, read-only: initiator | responder) - shows which side initiated the connection
• initiator - phase 1 negotiation was started by this router
• responder - phase 1 negotiation was started by peer
established (read-only: text) - shows date and time when phase 1 was established with the peer
ph2-active (read-only: integer) - how many phase 2 negotiations with this peer are currently taking place
ph2-total (read-only: integer) - how many phase 2 negotiations with this peer have taken place in total
Example
To see the currently established SAs:
[admin@WiFi] ip ipsec> remote-peers print
0 local-address=10.0.0.148 remote-address=10.0.0.147 state=established
side=initiator established=jan/25/2003 03:34:45 ph2-active=0 ph2-total=1
[admin@WiFi] ip ipsec>
Installed SAs
ip ipsec installed-sa
Description
This facility provides information about installed security associations, including the keys in use (see auth-key and enc-key below).
Property Description
spi (read-only: integer) - SPI value of SA, represented in hexadecimal form
direction (multiple choice, read-only: in | out) - SA direction
src-address (read-only: IP address) - source address of SA taken from respective policy
dst-address (read-only: IP address) - destination address of SA taken from respective policy
auth-algorithm (multiple choice, read-only: none | md5 | sha1) - authentication algorithm used in the SA
enc-algorithm (multiple choice, read-only: none | des | 3des | aes) - encryption algorithm used in the SA
replay (read-only: integer) - size of the replay window, presented in bytes. This window protects the receiver against replay attacks by rejecting old or duplicate packets.
state (multiple choice, read-only: larval | mature | dying | dead) - SA living phase
auth-key (read-only: text) - authentication key, presented as a hex string
enc-key (read-only: text) - encryption key, presented as a hex string (not applicable to AH SAs)
add-lifetime (read-only: time) - soft/hard expiration time counted from installation of SA
use-lifetime (read-only: time) - soft/hard expiration time counted from the first use of SA
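As an added example (not from this manual or from the router vendor), the script below parses "print" output of the form shown in the remote-peers example above, audits installed-sa records for the weaker choices the property list allows (none or des encryption, none or md5 authentication, SAs already dying or dead), and redacts the auth-key and enc-key fields so a listing can be shared without exposing key material. The installed-sa output layout, the SPI values, addresses and keys are all constructed assumptions modelled on the remote-peers print output; only the property names and value choices come from the text.

```python
import re
from typing import Dict, List

# Constructed sample, copied in shape from the remote-peers print output in the manual.
SAMPLE_REMOTE_PEERS = """\
 0 local-address=10.0.0.148 remote-address=10.0.0.147 state=established
   side=initiator established=jan/25/2003 03:34:45 ph2-active=0 ph2-total=1
"""

# Constructed sample for installed-sa print. The layout (index, then indented
# continuation lines) is an assumption; property names follow the manual.
SAMPLE_INSTALLED_SA = """\
 0 spi=0x1A2B3C direction=in src-address=10.0.0.147 dst-address=10.0.0.148
   auth-algorithm=sha1 enc-algorithm=aes replay=4 state=mature
   auth-key=00112233445566778899aabbccddeeff00112233 enc-key=0f0e0d0c0b0a09080706050403020100
   add-lifetime=24m/30m use-lifetime=0s/0s
 1 spi=0x4D5E6F direction=out src-address=10.0.0.148 dst-address=10.0.0.147
   auth-algorithm=md5 enc-algorithm=des replay=4 state=mature
   auth-key=ffeeddccbbaa99887766554433221100 enc-key=0123456789abcdef
   add-lifetime=24m/30m use-lifetime=0s/0s
 2 spi=0x7A8B9C direction=in src-address=10.0.0.147 dst-address=10.0.0.148
   auth-algorithm=none enc-algorithm=3des replay=4 state=dying
   enc-key=00112233445566778899aabbccddeeff0011223344556677
   add-lifetime=24m/30m use-lifetime=0s/0s
"""

RECORD_START = re.compile(r"^\s*(\d+)\s+(.*)$")   # "<index> key=value ..."
KV = re.compile(r"(\S+?)=(\S+)")                  # one key=value token

WEAK_ENC = {"none", "des"}    # no confidentiality, or 56-bit DES
WEAK_AUTH = {"none", "md5"}   # no integrity protection, or HMAC-MD5
EXPIRING = {"dying", "dead"}  # SA living phases that should be replaced by a rekey
KEY_FIELDS = ("auth-key", "enc-key")


def parse_print_output(text: str) -> List[Dict[str, str]]:
    """Turn RouterOS-style 'print' output into one dict per record.

    A record starts with a numeric index; indented lines without an index
    continue the previous record. Values are taken up to the next space, so a
    timestamp such as 'jan/25/2003 03:34:45' keeps only its date part.
    """
    records: List[Dict[str, str]] = []
    current = None
    for line in text.splitlines():
        if not line.strip():
            continue
        m = RECORD_START.match(line)
        if m:
            current = {"index": m.group(1)}
            records.append(current)
            body = m.group(2)
        elif current is None:
            continue  # prompt or header line before the first record
        else:
            body = line
        for key, value in KV.findall(body):
            current[key] = value
    return records


def audit_installed_sas(records: List[Dict[str, str]]) -> List[str]:
    """Return one finding per weak algorithm or expiring state found in an SA list."""
    findings = []
    for sa in records:
        label = "SA %s spi=%s %s->%s" % (
            sa.get("index"), sa.get("spi"), sa.get("src-address"), sa.get("dst-address"))
        enc = sa.get("enc-algorithm")
        auth = sa.get("auth-algorithm")
        if enc in WEAK_ENC:
            findings.append("%s: weak encryption algorithm '%s'" % (label, enc))
        if auth in WEAK_AUTH:
            findings.append("%s: weak authentication algorithm '%s'" % (label, auth))
        if sa.get("state") in EXPIRING:
            findings.append("%s: state '%s', SA is expiring" % (label, sa["state"]))
    return findings


def redact_keys(records: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Copy the records with auth-key / enc-key masked, for pasting into tickets or logs."""
    redacted = []
    for sa in records:
        copy = dict(sa)
        for field in KEY_FIELDS:
            if field in copy:
                copy[field] = "<redacted>"
        redacted.append(copy)
    return redacted


if __name__ == "__main__":
    peers = parse_print_output(SAMPLE_REMOTE_PEERS)
    print("remote peers:", peers)
    sas = parse_print_output(SAMPLE_INSTALLED_SA)
    for finding in audit_installed_sas(sas):
        print(finding)
    for sa in redact_keys(sas):
        print(sa)
```

In practice the two samples would be replaced with the text captured from the router console; the audit only inspects the algorithm and state fields, and the redacted copy is the one that should leave the router session.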