Chapter 4 Configuring the VPN Acceleration Module

Configuration Tasks

remote ident (addr/mask/prot/port): (172.21.114.67/255.255.255.255/0/0) current_peer: 172.21.114.67

PERMIT, flags={origin_is_acl,}

#pkts encaps: 10, #pkts encrypt: 10, #pkts digest 10

#pkts decaps: 10, #pkts decrypt: 10, #pkts verify 10 #send errors 10, #recv errors 0

local crypto endpt.: 172.21.114.123, remote crypto endpt.: 172.21.114.67 path mtu 1500, media mtu 1500

current outbound spi: 20890A6F inbound esp sas:

spi: 0x257A1039(628756537) transform: esp-des esp-md5-hmac, in use settings ={Tunnel,}

slot: 0, conn id: 26, crypto map: router-alice

sa timing: remaining key lifetime (k/sec): (4607999/90)

IV size: 8 bytes

replay detection support: Y inbound ah sas:

outbound esp sas:

spi: 0x20890A6F(545852015) transform: esp-des esp-md5-hmac, in use settings ={Tunnel,}

slot: 0, conn id: 27, crypto map: router-alice

sa timing: remaining key lifetime (k/sec): (4607999/90)

IV size: 8 bytes

replay detection support: Y outbound ah sas:

interface: Tunnel0

Crypto map tag: router-alice, local addr. 172.21.114.123

local ident (addr/mask/prot/port): (172.21.114.123/255.255.255.255/0/0)

remote ident (addr/mask/prot/port): (172.21.114.67/255.255.255.255/0/0)

current_peer: 172.21.114.67 PERMIT, flags={origin_is_acl,}

#pkts encaps: 10, #pkts encrypt: 10, #pkts digest 10

#pkts decaps: 10, #pkts decrypt: 10, #pkts verify 10 #send errors 10, #recv errors 0

local crypto endpt.: 172.21.114.123, remote crypto endpt.: 172.21.114.67 path mtu 1500, media mtu 1500

current outbound spi: 20890A6F inbound esp sas:

spi: 0x257A1039(628756537) transform: esp-des esp-md5-hmac, in use settings ={Tunnel,}

slot: 0, conn id: 26, crypto map: router-alice

sa timing: remaining key lifetime (k/sec): (4607999/90)

IV size: 8 bytes

replay detection support: Y inbound ah sas:

outbound esp sas:

spi: 0x20890A6F(545852015)

OL-5419-01 B0transform: esp-des esp-md5-hmac, in use settings ={Tunnel,}

slot: 0, conn id: 27, crypto map: router-alice

sa timing: remaining key lifetime (k/sec): (4607999/90)

IV size: 8 bytes

replay detection support: Y outbound ah sas:

For a detailed description of the information displayed by the show commands, refer to the “IP Security and Encryption” chapter of the Security Command Reference publication. For more information on the VAM, see the VPN Acceleration Module Installation and Configuration Guide.

Cisco 7401ASR Installation and Configuration Guide

 

OL-5419-01 B0

4-7

 

 

 

Page 94 Page 96
Page 95
Image 95
Cisco Systems 7401ASR manual Currentpeer 172.21.114.67 PERMIT, flags=originisacl
Page 94 Page 96
Top Page Image Contents