R2511-HP MSR Router Series Security Configuration Guide(V5)
236
PRF : MD5
DH Group : MODP1024/Group 2
IKEv2 proposal : default
Encryption : AES-CBC-128
3DES-CBC
Integrity : SHA1
MD5
PRF : SHA1
MD5
DH Group : MODP1536/Group 5
MODP1024/Group 2
# Display the IKEv2 profile configuration information.
[RouterA] display ikev2 profile
IKEv2 profile : profile_a
Match : match identity remote fqdn router_b
Identity : identity local fqdn router_a
Auth type : authentication local pre-share
authentication remote pre-share
Keyring : keyring_a
Sign domain :
Verify domain :
Lifetime : 86400 seconds
DPD : disable
# Display the IKEv2 policy configuration information.
[RouterA] display ikev2 policy
IKEv2 policy : policy_a
Match local :
proposal : proposal_a
IKEv2 policy : default
Match local : any
proposal : default
# Display the IKEv2 SA established by the IKE_SA_INIT exchange.
[RouterA] display ikev2 sa
total SAs: 1
connection-id peer flag
------------------------------------------------------------------------
1 2.2.2.2 RD|ST
flag meaning
RD--READY ST--STAYALIVE FD--FADING TO—TIMEOUT
# Display the IPsec SAs established by the IKE_AUTH exchange.
[RouterA] display ipsec sa