2126 CHAPTER 140: IPSEC CONFIGURATION COMMANDS

-----------------------------

IPsec policy name: "r2"

sequence number: 1

mode: isakmp

-----------------------------

connection id: 3

encapsulation mode: tunnel

perfect forward secrecy: None tunnel:

local address: 2.2.2.2

remote address: 1.1.1.2

flow: (11 times matched)

sour addr: 192.168.2.0/255.255.255.0 port: 0 protocol: IP

dest addr: 192.168.1.0/255.255.255.0 port: 0 protocol: IP

[inbound ESP SAs]

spi: 3564837569 (0xd47b1ac1)

proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5

sa remaining key duration (bytes/sec): 1887436380/2686

max received sequence-number: 5

udp encapsulation used for nat traversal: N

[outbound ESP SAs]

spi: 801701189 (0x2fc8fd45)

proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5

sa remaining key duration (bytes/sec): 1887436380/2686

max sent sequence-number: 6

udp encapsulation used for nat traversal: N

Table 565 Description on the fields of the display ipsec sa command

Field

Description

 

 

Interface

Interface referencing the IPSec policy

path MTU

Maximum IP packet length supported by the interface

IPSec policy name

Name of the IPSec policy used

sequence number

Sequence number of the IPSec policy

mode

IPSec negotiation mode

connection id

IPSec tunnel identifier

encapsulation mode

Encapsulation mode, transport or tunnel

perfect forward secrecy

Whether the PFS is enabled.

tunnel

IPSec tunnel

local address

Local IP address of the IPSec tunnel

remote address

Remote IP address of the IPSec tunnel

flow: (11 times

Number of matches of the data flow

matched)

 

sour addr

Source IP address of the data flow

dest addr

Destination IP address of the data flow

port

Port number

protocol

Protocol type

inbound

Information of the inbound SA

spi

Security parameter index

proposal

Security protocol and algorithms used by the IPSec proposal

Page 2126
Image 2126
3Com MSR 30, MSR 50 manual Description on the fields of the display ipsec sa command