R2511-HP MSR Router Series Security Command Reference(V5)
185
Field Descri
p
tion
Interface Interface to which the IPsec policy is applied.
Protocol
Name of the protocol to which the IPsec policy is applied. (This
field is not displayed when the IPsec policy is not applied to any
routing protocol.)
sequence number Sequence number of the IPsec policy.
acl version
ACL version:
• ACL4—IPv4 ACL.
• ACL6—IPv6 ACL.
If no ACL is referenced, this field displays None.
mode
Negotiation mode of the IPsec policy:
• manual—Manual mode.
• isakmp—IKE negotiation mode.
• template—IPsec policy template mode.
• gdoi—GDOI negotiation mode.
encapsulation mode Mode in which IPsec encapsulates IP packets: tunnel or transport.
selector mode
Data flow protection mode of the IPsec policy: standard or
aggregation.
ike-peer name IKE peer referenced by the IPsec policy.
PFS Whether the PFS feature is used.
DH group Used DH group, whose value can be 1, 2, 5, or 14.
tunnel local address Local IP address of the tunnel.
tunnel remote address Remote IP address of the tunnel.
transform-set name Transform set referenced by the IPsec policy.
policy enable Whether the IPsec policy is enabled or not.
tfc enable Whether the TFC padding function is enabled or not.
synchronization inbound
anti-replay-interval
Interval at which the inbound anti-replay window is synchronized.
It is expressed in the number of received packets.
synchronization outbound
anti-replay-interval
Interval at which the outbound anti-replay sequence number is
synchronized. It is expressed in the number of sent packets.
inbound/outbound AH/ESP setting
AH/ESP settings in the inbound/outbound direction, including the
SPI and keys.
group name Name of the GDOI group.
Related commands
ipsec policy (system view)
display ipsec policy-template
Use display ipsec policy-template to display information about IPsec policy templates.