Enterasys Networks XSR-Series manual C1.4 show tunnels / GRE via Ipsec

Page 49

C1.4 show tunnels / GRE via IPSEC

XSR-1805_2#show tunnels

Tunnel MIB:

ID	Creation Time	Proto Username
	Peer IP	Packets In/Out

40000001 12/02/2003, 16:14 GRE

20.20.20.10000003528/0000002552

XSR-1805_2#

C1.5 show interface vpn / GRE via IPSEC

XSR-1805_2#show interface vpn

Vpn1 is Admin Up

Internet address is 192.168.1.2, subnet mask is 255.255.255.0 Multicast redirect to 192.168.1.1 is enabled.

This interface includes the VPN tunnel 'VPN+GRE'. The tunnel peer's Internet IP address is 20.20.20.1. The tunnel encapsulation protocol is GRE.

The identity used to initiate the tunnel is 'n/a'

The tunnel's current state is Connected.

XSR-1805_2#

C1.6 show crypto ipsec sa / GRE via IPSEC

XSR-1805_2#show crypto ipsec sa

20.20.20.2/32, GRE, 0 ==> 20.20.20.1/32, GRE, 0 : 2709 packets

ESP: SPI=5e39f5c0, Transform=3DES/HMAC-SHA, Life=1961S/999796KB

20.20.20.1/32, GRE, 0 ==> 20.20.20.2/32, GRE, 0 : 3813 packets

ESP: SPI=f56d8f4, Transform=3DES/HMAC-SHA, Life=1961S/999718KB

XSR-1805_2#

C1.7 show ip route / GRE via IPSEC

XSR-1805_2#show ip route

Codes: C-connected, S-static, R-RIP, O-OSPF, IA-OSPF interarea


	N1	- OSPF NSSA external type 1, N2			- OSPF NSSA external type 2
	E1	- 0SPF external type 1,		E2 - 0SPF external type 2
	* - candidate default, D -			default	route originated from default net
C	192.168.1.0/24		[	0/0001]	directly connected, Vpn1
C	80.80.80.0/24		[	0/0001]	directly connected, FastEthernet 1
C	20.20.20.0/24		[	0/0001]	directly connected, FastEthernet 2
O	10.10.10.0/24		[108/0110]		via 192.168.1.1, Vpn1

XSR-1805_2#

Configuration Guide

Page 49 of 55

Image 49

Contents Configuration Guide Table of Contents Appendix Helpful commands for using the XSR platformIP-Static-routing IP-Loopback Interface IP-Address and Secondary Addresses configurationIP-OSPF-routing IP-RIPv1,v2-routing Ip local pool 10th 10.10.10.0 Sntp Simple Network Time Protocol Duplex full System login bannerDuplex half Configuration Guide XSR-1805config#access-list 110 move 1 Access control list moving online editingVirtual Router Redundancy Protocol RFC Router-2-BackupRouter-1-Master Hostname XSR-18051Vrrp 1 priority Vrrp 1 master-respond-ping no shutdown Vrrp monitor interface function, interface trackingNAT static bindings Access-list 10 permit 10.10.10.0NAT dynamic with PAT Port Address Translation Ip address 10.10.10.1 255.255.255.0 no shutdownDialer Interface Controller e1 0/2/0 clock source internal no shutdown Dialer Backup interface functionUsername remote privilege 0 password is not displayed PAP for authentication PPPUsername remote privilege 0 cleartext iamRemote Chap for authentication PPPInterface Dialer0 dialer pool VPN via Dialer Interface rtr1 XSR-1805-1config#aaa user XSR-1805-1config-aaa#password XSRDialer-list 1 protocol ip list VPN via Dialer Interface rtr2 Dialer Int. PRI to BRI with D-channel-callbackcentral-site Ppp pap sent-username central password xsr ppp multilinkDialer Int. PRI to BRI with D-channel-callbackremote1-site Ppp pap sent-username remote1 password xsr1 ppp multilinkDialer Int. PRI to BRI with D-channel-callbackremote2-site Ppp pap sent-username remote2 password xsr2 ppp multilinkIsdn config for BRIx/x Isdn switch type changing Dialer caller 112233 callback dialer remote-name XSR-Remote Isdn callbackDialer-group Isdn multilink / Isnd channel bundling PPPoE on Adsl interface with chap authentication AAA Authentication Authorization Accounting Radius SSH / Telnet Ip ssh server disable Ip telnet server disableSyslog function, Server local-buffer Logging Snmp MediumSnmp v1/v2/v3 Snmp configuration /contact/location/parameter0r1 VPN Ipsec site-to-site tunnel via pre-shared key XSR-18051config#aaa user XSR-18051config-aaa#password XSRRouter-1 Ip route 80.80.80.0 255.255.255.00r2 VPN Ipsec site-to-site tunnel via pre-shared key XSR-18052config#aaa user XSR-18052config-aaa#password XSRRouter-2 Ip route 10.10.10.0 255.255.255.0VPN Ipsec site-to-site tunnel certification PKI Password Re-enter password XSR-18051config#crypto ca identity Enterasys-Networks-CAXSR-18051config#crypto ca crl request Enterasys-Networks-CA Request certificate from CA y/n ? yENTITY-ACTIVE Certification control / certificates / Crls / CA identityPptp encrypt mppe auto VPN Pptp User terminationXSR-18051config#aaa user XSR-18051config-aaa#password XSR XSR-18052config#aaa user XSR-18052config-aaa#password XSR Version 6.0.0.0, Built Sep 14 2003 5r1 GRE native site-to-site tunnel5r2 GRE native site-to-site tunnel Diffserv Dscp field addressing Description InteralnetworkPrivate ip address 10.10.10.1 Firewall configurationDescription internalloopbackPrivate ip address 13.13.13.1 Ip address 20.20.20.1 Vlan configuration 802.1q tagged routingIp address 30.30.30.1 Version 2.02, Built Feb 24 2003 A1.2 ping & tracerouteVersion 4.0.0.0, Built Mar 26 2003 XSR-1805 uptime is 0 days, 2 hours, 23 minutesA1.4 telnet to other routers Current operational duplex mode is negotiated to fullPhysical link is currently up Current operational speed is negotiated to 100 Mb/sA1.6 verify the flash file checksum A1.5 flash/ cflash/ dir, rename, copy commandsB1.1 show ip arp B1.0 show ip routeC1.1 show crypto isakmp sa C1.0 show tunnelsC1.2 show crypto ipsec sa C1.3 show crypto mapC1.5 show interface vpn / GRE via Ipsec C1.4 show tunnels / GRE via IpsecC1.6 show crypto ipsec sa / GRE via Ipsec C1.7 show ip route / GRE via IpsecD1.2 show controllers atm 1/0 D1.1 show ip interface atm 1/0.1MTU is 1492 bytes VPI/VCI 1/32 D1.3 show controllers atm 1/0.1Administrative State is Enabled Operational State is UP ATM 1/0 is Admin Up / Oper UpD1.4 show interface atm 1/0 IfLastChange 001609D1.5 show interface atm 1/0.1 ATM 1/0.1 is Admin Up / Oper UpState Opened PPPoE is Oper UpChap authentication success with ATM 1/0.1 PPP is Admin Up / Oper UpD1.6 show ppp interface atm 1/0.1 Current StateGetting Help