R3303-HP HSR6800 Routers Security Configuration Guide
89
sour addr: 10.1.1.0/255.255.255.0 port: 0 protocol: IP
dest addr: 10.1.3.0/255.255.255.0 port: 0 protocol: IP
current outbound spi: 0xDB865076(3683012726)
[inbound ESP SAs]
spi: 0xDB865076(3683012726)
transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
in use setting: Transport
connection id: 321
sa duration (kilobytes/sec): 0/340
sa remaining duration (kilobytes/sec): 0/61
anti-replay detection: Disabled
spi: 0x640321A(104870426)
transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
in use setting: Transport
connection id: 329
sa duration (kilobytes/sec): 0/900
sa remaining duration (kilobytes/sec): 0/851
anti-replay detection: Disabled
[outbound ESP SAs]
spi: 0xDB865076(3683012726)
transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
in use setting: Transport
connection id: 322
sa duration (kilobytes/sec): 0/340
sa remaining duration (kilobytes/sec): 0/61
anti-replay detection: Disabled
spi: 0x640321A(104870426)
transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
in use setting: Transport
connection id: 330
sa duration (kilobytes/sec): 0/900
sa remaining duration (kilobytes/sec): 0/851
anti-replay detection: Disabled
The output shows that two groups of IPsec SAs have been generated on GM 1 for secure communication
with the other group members.
# Execute the display gdoi gm command to display the registration information on GM 1.
[GM1] display gdoi gm
Group Name: 1
Group Identity : 12345
Rekeys Received : 129
IPsec SA Direction : Both