Manualshelf

R3721-F3210-F3171-HP High-End Firewalls VPN Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
41424344454647484950
43
Table 14 Command output
Field Descri
p
tion
connection id Identifier of the ISAKMP SA
vpn-instance VPN to which the protected data belongs.
transmitting entity Entity in the IKE negotiation
status
Stateful failover status of the SA, active or standby.
This field appears only in an IPsec stateful failover scenario.
local ip IP address of the local gateway
local id type Identifier type of the local gateway
local id Identifier of the local gateway
remote ip IP address of the remote gateway
remote id type Identifier type of the remote gateway
remote id Identifier of the remote security gateway
authentication-method Authentication method used by the IKE proposal
authentication-algorithm Authentication algorithm used by the IKE proposal
encryption-algorithm Encryption algorithm used by the IKE proposal
life duration(sec) Lifetime of the ISAKMP SA in seconds
remaining key duration(sec) Remaining lifetime of the ISAKMP SA in seconds
exchange-mode IKE negotiation mode in phase 1
diffie-hellman group DH group used for key negotiation in IKE phase 1
nat traversal Whether NAT traversal is enabled
dpd
Syntax
dpd dpd-name
undo dpd
View
IKE peer view
Default level
2: System level
Parameters
dpd-name: DPD detector name, a string of 1 to 32 characters.
Description
Use dpd to apply a DPD detector to an IKE peer.
Use undo dpd to remove the application.
By default, no DPD detector is applied to an IKE peer.