HP A6600 Configuration Manual page 310
Hide thumbs
Also See for A6600:
- Configuration manual (426 pages) ,
- Getting started (222 pages) ,
- Limited warranty (41 pages)
Table of Contents
Advertisement
priority authentication authentication encryption Diffie-Hellman duration
method
algorithm
---------------------------------------------------------------------------
default
PRE_SHARED
Router A and Router B have only one pair of matching IKE proposals. Matching IKE proposals do not
necessarily use the same ISAKMP SA lifetime setting.
# Send traffic from subnet 10.1.1.0/24 to subnet 10.1.2.0/24. Router A starts IKE negotiation with
Router B when receiving the first packet.
# View the SAs established in the two IKE negotiation phases.
[RouterA] display ike sa
total phase-1 SAs:
connection-id
peer
----------------------------------------------------------
1
2.2.2.2
2
2.2.2.2
flag meaning
RD--READY ST--STAYALIVE RL--REPLACED FD--FADING TO--TIMEOUT
# Display information about the established IPsec SAs, which protect traffic between subnet
10.1.1.0/24 and subnet 10.1.2.0/24.
[RouterA] display ipsec sa
===============================
Interface: GigabitEthernet1/0/1
path MTU: 1500
===============================
-----------------------------
IPsec policy name: "map1"
sequence number: 10
mode: isakmp
-----------------------------
connection id: 1
encapsulation mode: tunnel
perfect forward secrecy:
tunnel:
local
address: 1.1.1.1
remote address: 2.2.2.2
flow:
sour addr: 10.1.1.0/255.255.255.0
dest addr: 10.1.2.0/255.255.255.0
[inbound ESP SAs]
spi: 1030568546 (0x3d6d3a62)
proposal: ESP-ENCRYPT-DES ESP-AUTH-SHA1
sa duration (kilobytes/sec): 1843200/3600
sa remaining duration (kilobytes/sec): 1843199/3590
algorithm
group
SHA
DES_CBC
1
flag
RD|ST
RD|ST
port: 0
port: 0
298
(seconds)
MODP_768
phase
doi
1
IPSEC
2
IPSEC
protocol: IP
protocol: IP
86400
Advertisement
Table of Contents
Troubleshooting
