Manualshelf

R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
21222324252627282930
15
Field Description
flag
Status of the SA:
RD (READY): The SA has been established.
ST (STAYALIVE): This end is the initiator of the tunnel negotiation.
RL (REPLACED): The tunnel has been replaced by a new one and will be deleted
later.
FD (FADING): The soft lifetime is over but the tunnel is still in use. The tunnel will
be deleted when the hard lifetime is over.
TO (TIMEOUT): The SA has received no keepalive packets after the last keepalive
timeout. If no keepalive packets are received before the next keepalive timeout,
the SA will be deleted.
phase
The phase the SA belongs to:
Phase 1: The phase for establishing the ISAKMP SA.
Phase 2: The phase for negotiating the security service. IPsec SAs are established
in this phase.
doi Interpretation domain the SA belongs to
# Display detailed information about the current IKE SAs.
<Sysname> display ike sa verbose
---------------------------------------------
connection id: 2
vpn-instance: 1
transmitting entity: initiator
---------------------------------------------
local ip: 4.4.4.4
local id type: IPV4_ADDR
local id: 4.4.4.4
remote ip: 4.4.4.5
remote id type: IPV4_ADDR
remote id: 4.4.4.5
authentication-method: PRE-SHARED-KEY
authentication-algorithm: HASH-SHA1
encryption-algorithm: DES-CBC
life duration(sec): 86400
remaining key duration(sec): 86379
exchange-mode: MAIN
diffie-hellman group: GROUP1
nat traversal: NO
# Display detailed information about the IKE SA with the connection ID of 2.
<Sysname> display ike sa verbose connection-id 2
---------------------------------------------
connection id: 2
vpn-instance: vpn1
transmitting entity: initiator