Manualshelf

R3166-R3206-HP High-End Firewalls VPN Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
51525354555657585960
47
# Display information about IPsec tunnels in aggregation mode.
<Sysname> display ipsec tunnel
total tunnel: 2
------------------------------------------------
connection id: 4
status: active
perfect forward secrecy:
SA's SPI:
inbound : 2454606993 (0x924e5491) [ESP]
outbound : 675720232 (0x2846ac28) [ESP]
tunnel :
local address: 44.44.44.44
remote address : 44.44.44.45
flow :
as defined in acl 3001
current Encrypt-card : None
Table 16 Output description
Field Descri
p
tion
connection id Connection ID, used to uniquely identify an IPsec Tunnel
perfect forward secrecy
Perfect forward secrecy, indicating which DH group is to be used for fast
negotiation mode in IKE phase 2
SA's SPI SPIs of the inbound and outbound SAs
tunnel Local and remote addresses of the tunnel
flow
Data flow protected by the IPsec tunnel, including source IP address,
destination IP address, source port, destination port and protocol
as defined in acl 3001 The IPsec tunnel protects all data flows defined by ACL 3001
current Encrypt-card Encryption card interface used by the current tunnel
encapsulation-mode
Syntax
encapsulation-mode { transport | tunnel }
undo encapsulation-mode
View
IPsec proposal view
Default level
2: System level
Parameters
transport: Uses transport mode.
tunnel: Uses tunnel mode.