AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

193

RouterOS v3 Configuration and User Guide

 

 

 

remote-address(read-only: IP address) - peer's IP address

side (multiple choice, read-only: initiator responder) - shows which side initiated the connection initiator - phase 1 negotiation was started by this router

responder - phase 1 negotiation was started by peer

state (read-only: text) - state of phase 1 negotiation with the peer estabilished - normal working state

Example

To see currently estabilished SAs:

[admin@WiFi] ip ipsec> remote-peers print

0 local-address=10.0.0.148 remote-address=10.0.0.147 state=established side=initiator

[admin@WiFi] ip ipsec>

8.8.5 Installed SAs

Submenu level: /ip ipsec installed-sa

Description

This facility provides information about installed security associations including the keys

Property Description

add-lifetime(read-only: time) - soft/hard expiration time counted from installation of SA

addtime (read-only: text) - time when this SA was installed

auth-algorithm(multiple choice, read-only: none md5 sha1) - authentication algorithm used in SA

auth-key(read-only: text) - authentication key presented as a hex string

current-bytes(read-only: integer) - amount of data processed by this SA's crypto algorithms

dst-address(read-only: IP address) - destination address of SA taken from respective policy

enc-algorithm(multiple choice, read-only: none des 3des aes) - encryption algorithm used in SA

enc-key(read-only: text) - encryption key presented as a hex string (not applicable to AH SAs)

lifebytes (read-only: integer) - soft/hard expiration threshold for amount of processed data

replay (read-only: integer) - size of replay window presented in bytes. This window protects the receiver against replay attacks by rejecting old or duplicate packets

spi (read-only: integer) - SPI value of SA, represented in hexadecimal form

src-address(read-only: IP address) - source address of SA taken from respective policy

state (multiple choice, read-only: larval mature dying dead) - SA living phase

use-lifetime(read-only: time) - soft/hard expiration time counted from the first use of SA

usetime (read-only: text) - time when this SA was first used

Page 192 Page 194
Page 193
Image 193
Allied Telesis AT-WR4500 manual Installed SAs, To see currently estabilished SAs, Submenu level /ip ipsec installed-sa
Page 192 Page 194
Top Page Image Contents