R2511-HP MSR Router Series Security Command Reference(V5)
190
display ipsec sa
Use display ipsec sa to display information about IPsec SAs.
Syntax
display ipsec sa [ brief | policy policy-name [ seq-number ] | remote ip-address ] [ | { begin | exclude
| include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
brief: Displays brief information about all IPsec SAs.
policy: Displays detailed information about IPsec SAs created by using a specified IPsec policy.
policy-name: Specifies the name of the IPsec policy, a string of 1 to 15 characters.
seq-number: Specifies the sequence number of the IPsec policy, in the range of 1 to 65535.
remote ip-address: Displays detailed information about the IPsec SA with a specified remote address.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If you do not specify any parameters, the command displays information about all IPsec SAs.
Examples
# Display brief information about all IPsec SAs.
<Sysname> display ipsec sa brief
total phase-2 IPv4 SAs: 0
Src Address Dst Address SPI Protocol Algorithm
--------------------------------------------------------
10.1.1.1 10.1.1.2 300 ESP E:DES;
A:HMAC-MD5-96
10.1.1.2 10.1.1.1 400 ESP E:DES;
A:HMAC-MD5-96
total phase-2 IPv6 SAs: 0
Src Address Dst Address SPI Protocol Algorithm
--------------------------------------------------------