R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101
41
Table 12 Output description
Field Descri
p
tion
IPsec proposal name Name of the IPsec proposal
encapsulation mode Encapsulation mode used by the IPsec proposal, transport or tunnel
transform
Security protocol(s) used by the IPsec proposal: AH, ESP, or both. If both
protocols are configured, IPsec uses ESP before AH.
AH protocol Authentication algorithm used by AH
ESP protocol Authentication algorithm and encryption algorithm used by ESP
display ipsec sa
Syntax
display ipsec sa [ brief | duration | policy policy-name [ seq-number ] | remote ip-address ]
View
Any view
Default level
1: Monitor level
Parameters
brief: Displays brief information about all IPsec SAs.
duration: Displays the global SA lifetime information.
policy: Displays detailed information about IPsec SAs created by using a specified IPsec policy.
policy-name: Name of the IPsec policy, a string 1 to 15 characters.
seq-number: Sequence number of the IPsec policy, in the range 1 to 65535.
remote ip-address: Displays detailed information about the IPsec SA with a specified remote address.
Description
Use the display ipsec sa command to display information about IPsec SAs.
If you do not specify any parameters, the command displays information about all IPsec SAs.
Related commands: reset ipsec sa and ipsec sa global-duration.
Examples
# Display brief information about all IPsec SAs.
<Sysname> display ipsec sa brief
Src Address Dst Address SPI Protocol Algorithm
--------------------------------------------------------
10.1.1.1 10.1.1.2 300 ESP E:DES;
A:HMAC-MD5-96
10.1.1.2 10.1.1.1 400 ESP E:DES;
A:HMAC-MD5-96