Siemens RUGGEDCOM ROX II User Manual page 461

RUGGEDCOM ROX II
CLI User Guide
show tunnel ipsec connection name connection-status
Where name is the name of the connection. For example:
ruggedcom# show tunnel ipsec connection ipsec-12 connection-status
connection status "dead peer detect disabled"
Possible values include:
• dead peer detect disabled – Dead Peer Detection (DPD) is disabled. DPD must be enabled to report the
status of the connection.
• inactive – There are currently no established connections on the selected tunnel.
• active – There are established peer connections on the selected tunnel. The number of active peers is defined
in brackets.
• IPsec disabled – IPsec is disabled.
Section 12.8.7
Managing the Internet Key Exchange (IKE) Protocol
The Internet Key Exchange (IKE) protocol negotiates connection parameters, including keys, for the Encapsulated
Security Payload (ESP) protocol employed by IPsec. IKE is based on the Diffie-Hellman key exchange protocol,
which allows two parties without any initially shared secret to create one in a manner immune to eavesdropping.
CONTENTS
• Section 12.8.7.1, "Viewing a List of IKE Algorithms"
• Section 12.8.7.2, "Adding an IKE Algorithm"
• Section 12.8.7.3, "Deleting an IKE Algorithm"
Section 12.8.7.1
Viewing a List of IKE Algorithms
To view a list of algorithms for the Internet Key Exchange (IKE) protocol, type:
show running-config tunnel ipsec connection connection ike algorithm
Where:
• connection is the name of the connection
If If algorithms have been configured, a table or list similar to the following example appears:
tunnel
ipsec
connection ipsec-12
ike algorithm 3des md5 modp8192
!
!
!
!
If no algorithms have been configured, add algorithms as needed. For more information, refer to
"Adding an IKE Algorithm".
Managing the Internet Key Exchange (IKE) Protocol
Chapter 12
Tunneling and VPNs
Section 12.8.7.2,
415