CLI Guide
Interface: GigabitEthernet 1/2
Link Local address: fe80::201:e8ff:fe40:4d11
IPSecv6 policy name: OSPFv3-1-600
inbound ah sas
outbound ah sas
inbound esp sas
spi : 600 (0x258)
transform : esp-des esp-sha1-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
outbound esp sas
spi : 600 (0x258)
transform : esp-des esp-sha1-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
show crypto ipsec sa ipv6 Command Fields
Field Description
Interface IPv6 interface
Link local address IPv6 address of interface
IPSecv6 policy
name
Name of the IPsec security policy applied to the interface.
inbound/outbound
ah
Authentication policy applied to inbound or outbound traffic.
inbound/outbound
esp
Encryption policy applied to inbound or outbound traffic.
spi Security policy index number used to identify the policy.
transform Security algorithm that is used to provide authentication, integrity, and
confidentiality.
in use settings Transform that the SA uses (only transport mode is supported).
replay detection
support
Y: An SA has enabled the replay detection feature.
N: The replay detection feature is not enabled.
STATUS ACTIVE: The authentication or encryption policy is enabled on the interface.
Open Shortest Path First (OSPFv2 and OSPFv3)
1305