R2511-HP MSR Router Series Security Command Reference(V5)
187
IPsec Policy Template Group: "test"
===============================================
---------------------------------
Policy template name: "test"
sequence number: 1
---------------------------------
encapsulation mode: tunnel
security data flow :
ACL’s Version: acl4
ike-peer name: per
PFS: N
transform-set name: testprop
synchronization inbound anti-replay-interval: 1000 packets
synchronization outbound anti-replay-interval: 10000 packets
IPsec sa local duration(time based): 3600 seconds
IPsec sa local duration(traffic based): 1843200 kilobytes
Table 20 Command output
Field Descri
p
tion
encapsulation mode Mode in which IPsec encapsulates IP packets: tunnel or transport.
security data flow ACL referenced by the IPsec policy template.
ACL’s Version
ACL version:
• acl4—IPv4 ACL.
• acl6—IPv6 ACL.
ike-peer name IKE peer referenced by the IPsec policy template.
PFS Whether the PFS feature is used.
DH group Used DH group, whose value can be 1, 2, 5, or 14.
transport-set name IPsec transform set referenced by the IPsec policy template.
synchronization inbound
anti-replay-interval
Interval at which the inbound anti-replay window is synchronized. It is
expressed in the number of received packets.
synchronization outbound
anti-replay-interval
Interval at which the outbound anti-replay sequence number is
synchronized. It is expressed in the number of sent packets.
IPsec sa local duration(time based) Time-based lifetime of the IPsec SAs at the local end.
IPsec sa local duration(traffic based)
Traffic-based lifetime of the IPsec SAs at the local end.
Related commands
ipsec policy-template
display ipsec profile
Use display ipsec profile to display the configuration information of IPsec profiles.
Syntax
display ipsec profile [ name profile-name ] [ | { begin | exclude | include } regular-expression ]