HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

211

212

213

214

215

216

217

218

219

220

204

acl version: ACL4

mode: isakmp

-----------------------------

connection id: 20000

encapsulation mode: tunnel

perfect forward secrecy:

tunnel:

local address: 192.168.0.1

remote address: 192.168.0.2

flow:

sour addr: 10.1.1.0/0.0.0.255 port: 0 protocol: IP

dest addr: 10.2.2.0/0.0.0.255 port: 0 protocol: IP

[inbound ESP SAs]

spi: 1078770651 (0x404cbbdb)

transform-set: ESP-ENCRYPT-DES ESP-AUTH-SHA1

sa duration (kilobytes/sec): 1843200/3600

sa remaining duration (kilobytes/sec): 1843200/3412

max sequence-number received: 1

anti-replay check enable: Y

anti-replay window size: 32

udp encapsulation used for nat traversal: N

status: active

[outbound ESP SAs]

spi: 468087311 (0x1be6720f)

transform-set: ESP-ENCRYPT-DES ESP-AUTH-SHA1

sa duration (kilobytes/sec): 1843200/3600

sa remaining duration (kilobytes/sec): 1843200/3412

max sequence-number sent: 1

udp encapsulation used for nat traversal: N

status: active

# Display the summary of active IKE SAs.

<FirewallA> display ike sa active

total phase-1 SAs: 1

connection-id peer flag phase doi status

-----------------------------------------------------------------------

20004 192.168.0.2 RD 1 IPSEC ACTIVE

20005 192.168.0.2 RD 2 IPSEC ACTIVE

flag meaning

RD--READY ST--STAYALIVE RL--REPLACED FD--FADING TO--TIMEOUT

# Display the IPsec SAs synchronized from Firewall A.

<FirewallB> display ipsec sa standby

===============================

Interface: GE0/2

path MTU: 1500

===============================

-----------------------------

IPsec policy name: "map1"