R3102-R3103-HP 6600/HSR6600 Routers Security Command Reference
291
Examples
# Display information about IPsec tunnels.
<Sysname> display ipsec tunnel
total tunnel : 2
------------------------------------------------
connection id: 3
perfect forward secrecy:
SA's SPI:
inbound: 187199087 (0xb286e6f) [ESP]
outbound: 3562274487 (0xd453feb7) [ESP]
tunnel:
local address: 44.44.44.44
remote address : 44.44.44.55
flow:
sour addr : 44.44.44.0/255.255.255.0 port: 0 protocol : IP
dest addr : 44.44.44.0/255.255.255.0 port: 0 protocol : IP
------------------------------------------------
connection id: 5
perfect forward secrecy:
SA's SPI:
inbound: 12345 (0x3039) [ESP]
outbound: 12345 (0x3039) [ESP]
tunnel:
flow:
# Display information about IPsec tunnels in aggregation mode.
<Sysname> display ipsec tunnel
total tunnel: 2
------------------------------------------------
connection id: 4
perfect forward secrecy:
SA's SPI:
inbound : 2454606993 (0x924e5491) [ESP]
outbound : 675720232 (0x2846ac28) [ESP]
tunnel :
local address: 44.44.44.44
remote address : 44.44.44.45
flow :
as defined in acl 3001
Table 44 Command output
Field Description
connection id Connection ID, used to uniquely identify an IPsec Tunnel.
perfect forward secrecy
Perfect forward secrecy, indicating which DH group is to be used for fast
negotiation mode in IKE phase 2.
SA's SPI SPIs of the inbound and outbound SAs.