R3102-R3103-HP 6600/HSR6600 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR6602-XG Router

291

292

293

294

295

296

297

298

299

300

278

Field Descri

tion

Protocol

Name of the protocol to which the IPsec policy is applied. (This

field is not displayed when the IPsec policy is not applied to any

routing protocol.)

sequence number Sequence number of the IPsec policy.

mode

Negotiation mode of the IPsec policy:

• manual—Manual mode.

• isakmp—IKE negotiation mode.

• template—IPsec policy template mode.

• gdoi—GDOI mode.

encapsulation mode

IPsec packet encapsulation mode:

• tunnel—Tunnel mode.

• transport—Transport mode.

selector mode

Data flow protection mode of the IPsec policy, standard or

aggregation.

ike-peer name IKE peer referenced by the IPsec policy.

PFS Whether perfect forward secrecy is enabled.

DH group Used DH group. Its value can be 1, 2, 5, or 14.

tunnel local address Local IP address of the tunnel.

tunnel remote address Remote IP address of the tunnel.

transform-set name Transform set referenced by the IPsec policy.

policy enable Whether the IPsec policy is enabled or not.

tfc enable Whether TFC padding is enabled.

inbound/outbound AH/ESP setting

AH/ESP settings in the inbound/outbound direction, including the

SPI and keys.

group name

GDOI group name.

Support for this field depends on the device model.

Related commands

ipsec policy (system view)

display ipsec policy-template

Use display ipsec policy-template to display information about IPsec policy templates.

Syntax

display ipsec policy-template [ brief | name template-name [ seq-number ] ] [ | { begin | exclude |

include } regular-expression ]

Views

Any view

Default command level

1: Monitor level