Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
361362363364365366367368369370
370 CHAPTER 22: IPSEC CONFIGURATION COMMANDS
display ipsec sa Syntax
display ipsec sa [ brief | remote ip-address | policy policy-name [ seq-number ] |
duration ]
View
Any view
Parameter
brief: Displays brief information about all the SAs.
remote: Displays information about the SA with remote address as ip-address.
ip-address: Specifies the remote address in dotted decimal format.
policy: Displays information about the SA created by the IPsec policy whose name
is policy-name.
policy-name: Name of the IPsec policy.
seq-number: Specifies the sequence number of the IPsec policy.
duration: Global sa duration to be shown.
Description
Use the display ipsec sa command to view the relevant information about the
SA.
The command with brief keyword shows brief information about all the SAs,
whose display format is the brief format (refer to the following example). Brief
information includes source address, destination address, SPI, protocol, and
algorithm. A display beginning with "E" in the algorithm stands for the encryption
algorithm and a display beginning with "A" stands for the authentication
algorithm. The brief keyword can be used to display all the SAs already set up
quickly.
The commands with remote and policy parameters both display the detailed
information about the SA. The display mode: part of the information about the
IPsec policy is shown first and then the detailed information of the SA in this IPsec
policy.
The command with duration parameter shows the global sa duration, including
"time-based" and "traffic-based" sa duration. Referring to the following
examples.
encapsulation mode modes used by proposal, including two types: transport mode and
tunnel mode
transform security protocols used by proposal, including two types: AH and ESP
ah protocol the authentication-algorithm used by AH: md5 | sha1
esp protocol the authentication-algorithm and encryption method used by ESP
respectively: MD5 and DES
Table 273 IPsec proposal information
Field Description