Manualshelf

R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
41424344454647484950
42
Table 13 Output description
Field Descri
p
tion
Src Address Local IP address
Dst Address Remote IP address
SPI Security parameter index
Protocol Security protocol used by IPsec
Algorithm
Authentication algorithm and encryption algorithm used by the security protocol,
where E indicates the encryption algorithm and A indicates the authentication
algorithm. A value of NULL means that type of algorithm is not specified.
# Display the global SA lifetime settings.
<Sysname> display ipsec sa duration
IPsec sa global duration (traffic based): 1843200 kilobytes
IPsec sa global duration (time based): 3600 seconds
# Display detailed information about all IPsec SAs.
<Sysname> display ipsec sa
===============================
Interface: GigabitEthernet0/1
path MTU: 1500
===============================
-----------------------------
IPsec policy name: "r2"
sequence number: 1
mode: isakmp
-----------------------------
connection id: 3
encapsulation mode: tunnel
perfect forward secrecy:
tunnel:
local address: 2.2.2.2
remote address: 1.1.1.2
flow:
sour addr: 192.168.2.0/255.255.255.0 port: 0 protocol: IP
dest addr: 192.168.1.0/255.255.255.0 port: 0 protocol: IP
[inbound ESP SAs]
spi: 3564837569 (0xd47b1ac1)
proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa duration (kilobytes/sec): 4294967295/604800
sa remaining duration (kilobytes/sec): 1843200/2686
max received sequence-number: 5
anti-replay check enable: Y
anti-replay window size: 32
udp encapsulation used for nat traversal: N