Displaying And Maintaining Ipsec - HP VSR1000 Security Configuration Manual

To configure SNMP notifications for IPsec:
Step
1. Enter system view
2. Enable SNMP notifications
for IPsec globally.
3. Enable SNMP notifications
for the specified failure or
event type.

Displaying and maintaining IPsec

Execute display commands in any view and reset commands in user view.
Task
Display IPsec policy information.
Display IPsec policy template information.
Display IPsec profile information.
Display IPsec transform set information.
Display IPsec SA information.
Display IPsec statistics.
Display IPsec tunnel information.
Clear IPsec SAs.
Clear IPsec statistics.
Command
system-view
snmp-agent trap enable ipsec global
snmp-agent trap enable ipsec
[ auth-failure | decrypt-failure |
encrypt-failure | invalid-sa-failure |
no-sa-failure | policy-add |
policy-attach | policy-delete |
policy-detach | tunnel-start |
tunnel-stop ] *
Command
display ipsec { ipv6-policy | policy } [ policy-name
[ seq-number ] ]
display ipsec { ipv6-policy-template | policy-template }
[ template-name [ seq-number ] ]
display ipsec profile [ profile-name ]
display ipsec transform-set [ transform-set-name ]
display ipsec sa [ brief | count | interface interface-type
interface-number | { ipv6-policy | policy } policy-name
[ seq-number ] | profile policy-name | remote [ ipv6 ]
ip-address ]
display ipsec statistics [ tunnel-id tunnel-id ]
display ipsec tunnel { brief | count | tunnel-id tunnel-id }
reset ipsec sa [ { ipv6-policy | policy } policy-name
[ seq-number ] | profile policy-name | remote
{ ipv4-address | ipv6 ipv6-address } | spi { ipv4-address |
ipv6 ipv6-address } { ah | esp } spi-num ]
reset ipsec statistics [ tunnel-id tunnel-id ]
194
Remarks
N/A
By default, SNMP notifications for
IPsec are disabled.
By default, SNMP notifications for
all failure and event types are
disabled.