CHAPTER 5. IPSEC
8.
Display dynamic IPSec policies.
Router# show crypto dynamic ipsec policy all
Policy
------
sales
INsales S any/any/any
9.
Display dynamic IPSec policies in detail.
Router# show crypto dynamic ipsec policy all detail
Policy sales is enabled, User group name sales
Direction is outbound, Action is Apply
Key Management is Automatic
PFS Group is disabled
Match Address:
address(ip/mask/port):(10.0.1.0/255.255.255.0/any)
Proposal of priority 1
Policy INsales is enabled, User group name sales
Direction is inbound, Action is Apply
Key Management is Automatic
PFS Group is disabled
Match Address:
address(ip/mask/port):(10.0.1.0/255.255.255.0/any)
290
Match
-----
S 10.0.1.0/24/any Any
D any/any/any
D 10.0.1.0/24/any
Protocol is Any
Source ip
Destination ip address(ip/mask/port):(any/any/any)
Protocol: esp
Mode: tunnel
Encryption Algorithm: aes256(key length=256 bits)
Hash Algorithm: sha1
Lifetime in seconds: 3600
Lifetime in Kilobytes: 4608000
Protocol is Any
Source ip address(ip/mask/port):(any/any/any)
Destination ip
Proto Transform
----- ---------
P1 esp-aes-sha1-tunl
Any
P1 esp-aes-sha1-tunl
© SAMSUNG Electronics Co., Ltd.