R2511-HP MSR Router Series Security Configuration Guide(V5)

ManualsBrandsHP ManualsNetwork HardwareHP MSR1003-8 AC Router

251

252

253

254

255

256

257

258

259

260

243

DH Group : MODP1536/Group 5

MODP1024/Group 2

# Display the IKEv2 profile configuration information.

[RouterA] display ikev2 profile

IKEv2 profile : profile_a

Match : match address local interface Ethernet1/1

Identity : identity local dn

Auth type : authentication local rsa-sig

authentication remote pre-share

authentication remote rsa-sig

Keyring :

Sign domain : domain_a

Verify domain : domain_b

Lifetime : 86400 seconds

DPD : disable

# Display the IKEv2 SA established by the IKE_SA_INIT exchange.

[RouterA] display ikev2 sa

total SAs: 1

connection-id peer flag

------------------------------------------------------------------------

14 2.2.2.2 RD|ST

flag meaning

RD--READY ST--STAYALIVE FD--FADING TO—TIMEOUT

# Display the IPsec SAs established by the IKE_AUTH exchange.

[RouterA] display ipsec sa

===============================

Interface: Ethernet1/1

path MTU: 1500

===============================

-----------------------------

IPsec policy name: "map"

sequence number: 1

acl version: ACL4

mode: isakmp

-----------------------------

PFS: N, DH group: none

tunnel:

local address: 1.1.1.1

remote address: 2.2.2.2

flow:

sour addr: 10.1.1.0/255.255.255.0 port: 0 protocol: IP

dest addr: 10.1.2.0/255.255.255.0 port: 0 protocol: IP