HP Cisco MDS 9020 - Fabric Switch Configuration Manual page 881
Cisco mds 9000 family cli configuration guide, release 3.x (ol-16184-01, april 2008)
Hide thumbs
Also See for Cisco MDS 9020 - Fabric Switch:
- Service manual (242 pages) ,
- Configuration manual (1384 pages) ,
- Handbook (141 pages)
Table of Contents
Advertisement
Chapter 35
Configuring IPsec Network Security
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Example 35-13 Displays Information About the Policy Database
switch# show crypto spd domain ipsec
Policy Database for interface: GigabitEthernet4/1, direction: Both
#
0:
#
1:
#
2:
#
63:
Policy Database for interface: GigabitEthernet4/2, direction: Both
#
0:
#
1:
#
3:
#
63:
Example 35-14 Displays SPD Information for a Specific Interface
switch# show crypto spd domain ipsec interface gigabitethernet 4/2
Policy Database for interface: GigabitEthernet3/1, direction: Both
#
0:
#
1:
#
2:
# 127:
Example 35-15 Displays Detailed iSCSI Session Information for a Specific Interface
switch# show iscsi session detail
Initiator iqn.1987-05.com.cisco:01.9f39f09c7468 (ips-host16.cisco.com)
Initiator ip addr (s): 10.10.10.5
Session #1 (index 24)
Discovery session, ISID 00023d000001, Status active
Session #2 (index 25)
Target ibm1
VSAN 1, ISID 00023d000001, TSIH 0, Status active, no reservation
Type Normal, ExpCmdSN 42, MaxCmdSN 57, Barrier 0
MaxBurstSize 0, MaxConn 1, DataPDUInOrder Yes
DataSeqInOrder Yes, InitialR2T Yes, ImmediateData No
Registered LUN 0, Mapped LUN 0
Stats:
Number of connection: 1
Connection #1
OL-16184-01, Cisco MDS SAN-OS Release 3.x
lifetimes in seconds:: 120
lifetimes in bytes:: 423624704
deny
udp any port eq 500 any
deny
udp any any port eq 500
permit ip 10.10.10.0 255.255.255.0 10.10.10.0 255.255.255.0
deny
ip any any
deny
udp any port eq 500 any
deny
udp any any port eq 500
permit ip 10.10.100.0 255.255.255.0 10.10.100.0 255.255.255.0
deny
ip any any
deny
udp any port eq 500 any
deny
udp any any port eq 500
permit ip 10.10.10.0 255.255.255.0 10.10.10.0 255.255.255.0
deny
ip any any
PDU: Command: 41, Response: 41
Bytes: TX: 21388, RX: 0
iSCSI session is protected by IPSec
Local IP address: 10.10.10.4, Peer IP address: 10.10.10.5
CID 0, State: Full-Feature
StatSN 43, ExpStatSN 0
MaxRecvDSLength 131072, our_MaxRecvDSLength 262144
CSG 3, NSG 3, min_pdu_size 48 (w/ data 48)
AuthMethod none, HeaderDigest None (len 0), DataDigest None (len 0)
Version Min: 0, Max: 0
FC target: Up, Reorder PDU: No, Marker send: No (int 0)
Received MaxRecvDSLen key: Yes
<-----------------------UDP default entry
<---------------------- UDP default entry
<---------------------------------------- Clear text default entry
<-----------The iSCSI session protection status
Cisco MDS 9000 Family CLI Configuration Guide
Displaying IPsec Configurations
35-33
Advertisement
Chapters
Table of Contents
Troubleshooting
