F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Command Reference-6PW100
71
Hardware Ke
y
words com
p
atible
F1000-A-EI/F1000-S-EI Yes
F1000-E Yes
F5000 Yes
Firewall module Yes
U200-A Yes
U200-S No
Usage guidelines
If you do not specify any parameters, the command displays information about all IPsec SAs.
Examples
# Display brief information about all IPsec SAs.
<Sysname> display ipsec sa brief
Src Address Dst Address SPI Protocol Algorithm
--------------------------------------------------------
10.1.1.1 10.1.1.2 300 ESP E:DES;
A:HMAC-MD5-96
10.1.1.2 10.1.1.1 400 ESP E:DES;
A:HMAC-MD5-96
Table 16 Command output
Field Descri
p
tion
Src Address Local IP address.
Dst Address Remote IP address.
SPI Security parameter index.
Protocol Security protocol used by IPsec.
Algorithm
Authentication algorithm and encryption algorithm used by the security protocol,
where E indicates the encryption algorithm and A indicates the authentication
algorithm. A value of NULL means that type of algorithm is not specified.
# Display detailed information about all IPsec SAs.
<Sysname> display ipsec sa
===============================
Interface: GigabitEthernet0/1
path MTU: 1500
===============================
-----------------------------
IPsec policy name: "r2"
sequence number: 1
acl version: ACL4
mode: isakmp
-----------------------------
connection id: 3