3Com 10014299 Displaying and Debugging the NDEC Card

576 CHAPTER 40: CONFIGURING IPSEC

Tabl e 653 Display and Debug IPSec

Displaying and Debugging the NDEC CardResetting the crypto cardWhen the crypto card operates abnormally, resetting the crypto card can be used to restore the crypto card to normality. When resetting the crypto card, the crypto card restores its initialization. At the same time, the host retransmits the card's configured information and SA information being used to the crypto card. In addition, the host automatically resets the crypto card when it finds that the crypto card operates abnormally.Configure the following in the system view:

Tabl e 654 Reset crypto card

Operation Command

Display all created SA (applicable to IPSec

software) display ipsec sa all

Display all SA information briefly

(applicable to IPSec software) display ipsec sa brief

Display the specific SA information

(applicable to IPSec software) display ipsec sa parameters

dest-address protocol spi

Display global SA lifetime (applicable to

IPSec software) display ipsec sa duration

Display SA established with specific peer

ends (applicable to IPSec software) display ipsec sa remote ip-address

Display all security policy base information

(applicable to IPSec software) display ipsec sa policy policy-name [

sequence-number ]

Display statistic information related to

security message (applicable to IPSec

software)

display ipsec statistics

Display configured IPSec proposal

(applicable to IPSec software) display ipsec proposal [

proposal-name ]

Display all security policy base information

(applicable to IPSec software) display ipsec policy all

Display brief security policy base

information (applicable to IPSec software) display ipsec policy brief

Display all security policy base information

by name (applicable to IPSec software) display ipsec policy name policy-name

[ sequence-number ]

Clear all SA (applicable to IPSec software) reset ipsec sa all

Clear specific SA information (applicable

to IPSec software) reset ipsec sa parameters

dest-address protocol spi

Clear SA of the specified security policy

base (applicable to IPSec software) reset ipsec sa policy policy-name [

sequence-number ]

Clear SA established with specified peer

ends (applicable to IPSec software) reset ipsec sa remote ip-address

Clear statistic information related to

security messages (applicable to IPSec

software)

reset ipsec statistics

information debugging related to IPSec

(applicable to IPSec software) debugging ipsec { sa | packet | misc }

Operation Command

Reset crypto card (applicable to crypto

card) encrypt-card reset [ slot-id ]