HP FlexFabric 7900 Series Command Reference Manual page 121
Security
Hide thumbs
Also See for FlexFabric 7900 Series:
- Command reference manual (294 pages) ,
- Configuration manual (165 pages) ,
- Installation manual (58 pages)
Table of Contents
Advertisement
Field
Encapsulation mode
Perfect Forward Secrecy
Path MTU
Tunnel
local address
remote address
Flow
sour addr
dest addr
port
protocol
SPI
Transform set
SA duration (kilobytes/sec)
SA remaining duration (kilobytes/sec)
Max received sequence-number
Max sent sequence-number
Anti-replay check enable
UDP encapsulation used for NAT traversal
Status
No duration limit for this SA
Related commands
ipsec sa global-duration
•
reset ipsec sa
•
Description
Encapsulation mode, transport or tunnel.
Perfect forward secrecy (PFS) used by the IPsec policy for
negotiation:
•
768-bit Diffie-Hellman group (dh-group1)
•
1024-bit Diffie-Hellman group (dh-group2)
•
1536-bit Diffie-Hellman group (dh-group5)
•
2048-bit Diffie-Hellman group (dh-group14)
•
2048-bit and 256_bit subgroup Diffie-Hellman group
(dh-group24)
Path MTU of the IPsec SA.
Local and remote addresses of the IPsec tunnel.
Local end IP address of the IPsec tunnel.
Remote end IP address of the IPsec tunnel.
Information about the data flow protected by the IPsec tunnel.
Source IP address of the data flow.
Destination IP address,
Port number.
Protocol type.
SPI of the IPsec SA.
Security protocol and algorithms used by the IPsec transform set.
IPsec SA lifetime, in kilobytes or seconds.
Remaining IPsec SA lifetime, in kilobytes or seconds.
Max sequence number in the received packets.
Max sequence number in the sent packets.
Whether any-replay checking is enabled.
Whether NAT traversal is used by the IPsec SA.
IPsec SA stateful failover status: active or backup.
The manual IPsec SAs do not have lifetime.
114
Advertisement
Table of Contents
