Command Reference Guide
3Com Router 3000 Ethernet Family
Command Reference Guide
Chapter 5 IPSec Configuration Commands
3Com Corporation
5-8
5.1.6 display ipsec sa
Syntax
display ipsec sa [ brief | remote ip-address | policy policy-name [ seq-number ] |
duration ]
View
Any view
Parameter
brief: Displays brief information about all the SAs.
remote: Displays information about the SA with remote address as ip-address.
ip-address: Specifies the remote address in dotted decimal format.
policy: Displays information about the SA created by the ipsec policy whose name is
policy-name.
policy-name: Specifies the name of the ipsec policy.
seq-number: Specifies the sequence number of the ipsec policy.
duration: Global sa duration to be shown.
Description
Use the display ipsec sa command to view the relevant information about the SA.
The command with brief parameter shows brief information about all the SAs, whose
display format is the brief format (refer to the following example). Brief information
includes source address, destination address, SPI, protocol, and algorithm. A display
beginning with "E" in the algorithm stands for the encryption algorithm, and a display
beginning with "A" stands for the authentication algorithm. The brief command can be
used to display all the SAs already set up quickly.
The commands with remote and policy parameters both display the detailed
information about the SA. The display mode: part of the information about the ipsec
policy is shown first and then the detailed information of the SA in this ipsec policy.
The command with duration parameter shows the global sa duration, including
"time-based" and "traffic-based" sa duration. Refer to the examples for this command.
Information of all the SAs will be shown when no parameter is specified.
Related command: reset ipsec sa, ipsec sa duration, display ipsec sa and display
ipsec policy.
Example
# View brief information about all the SAs.
<3Com> display ipsec sa brief