R3721-F3210-F3171-HP High-End Firewalls VPN Command Reference-6PW101
71
encapsulation mode: tunnel
transform: ah-new
AH protocol: authentication sha1-hmac-96
IPsec proposal name: prop1
encapsulation mode: transport
transform: esp-new
ESP protocol: authentication md5-hmac-96, encryption des
Table 20 Command output
Field Description
IPsec proposal name Name of the IPsec proposal
encapsulation mode Encapsulation mode used by the IPsec proposal, transport or tunnel
transform
Security protocol(s) used by the IPsec proposal: AH, ESP, or both. If both
protocols are configured, IPsec uses ESP before AH.
AH protocol Authentication algorithm used by AH
ESP protocol Authentication algorithm and encryption algorithm used by ESP
display ipsec sa
Syntax
display ipsec sa [ active | brief | policy policy-name [ seq-number ] | remote ip-address | standby ] [ |
{ begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
active: Displays detailed information about active IPsec SAs in an IPsec stateful failover scenario.
brief: Displays brief information about all IPsec SAs.
policy: Displays detailed information about IPsec SAs created by using a specified IPsec policy.
policy-name: Name of the IPsec policy, a string 1 to 15 characters.
seq-number: Sequence number of the IPsec policy, in the range of 1 to 65535.
remote ip-address: Displays detailed information about the IPsec SA with a specified remote address.
standby: Displays detailed information about standby IPsec SAs in an IPsec stateful failover scenario.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Getting Started Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.