R2511-HP MSR Router Series Security Configuration Guide(V5)

ManualsBrandsHP ManualsNetwork HardwareHP MSR1003-8 AC Router

481

482

483

484

485

486

487

488

489

490

476

Ste

Command

Remarks

3. Apply a GDOI IPsec

policy to the interface.

ipsec policy policy-name

By default, no GDOI IPsec policy is

applied to an interface.

You can apply only one GDOI

IPsec policy to an interface. A

GDOI IPsec policy can be applied

to multiple interfaces.

For more information about this

command, see Security Command

Reference.

Displaying and maintaining GDOI GM

Execute display commands in any view and reset commands in user view.

Task Command

Display the GDOI GM group

information.

display gdoi gm [ group group-name ] [ | { begin | exclude | include }

regular-expression ]

Display information about IPsec

SAs obtained by the GM.

display gdoi gm ipsec sa [ group group-name ] [ | { begin | exclude |

include } regular-expression ]

Display brief information about the

GM.

display gdoi gm members [ group group-name ] [ | { begin | exclude |

include } regular-expression ]

Display ACL information for the

GM.

display gdoi gm acl [ download | local ] [ group group-name ] [ | { begin

| exclude | include } regular-expression ]

Display rekey information for the

GM.

display gdoi gm rekey [ verbose ] [ group group-name ] [ | { begin |

exclude | include } regular-expression ]

Display information about the

public keys received by the GM.

display gdoi gm pubkey [ group group-name ] [ | { begin | exclude |

include } regular-expression ]

Display IKE SA information.

display ike sa [ active | standby | verbose [ connection-id connection-id

| remote-address [ ipv6 ] remote-address ] ] [ | { begin | exclude |

include } regular-expression ]

Display IPsec SA information.

display ipsec sa [ active | brief | duration | policy policy-name

[ seq-number ] | remote [ ipv6 ] ip-address | standby ] [ | { begin |

exclude | include } regular-expression ]

Display GDOI IPsec policy

information.

display ipsec policy [ brief | name policy-name [ seq-number ] ] [ |

{ begin | exclude | include } regular-expression ]

Clear GDOI information for the

GM and initiate registration.

reset gdoi gm [ group group-name ]

For more information about the display ike sa, display ipsec sa, and display ipsec policy commands, see

Security Command Reference.