Huawei AR1200 series Configuration Manual page 349
Enterprise routers
Hide thumbs
Also See for AR1200 series:
- Configuration manual (342 pages) ,
- User configuration manual (232 pages) ,
- Hardware description (218 pages)
Table of Contents
Advertisement
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN
2.
3.
Issue 01 (2012-04-20)
Run the display ike sa command on RouterA, and the following information is displayed:
[Huawei] display ike sa v2
Conn-ID
Peer
---------------------------------------------------------
64
60.1.2.1
62
60.1.2.1
Flag
Description:
RD--READY
ST--STAYALIVE
TIMEOUT
HRT--HEARTBEAT
LKG--LAST KNOWN GOOD SEQ NO.
Run the display ipsec sa command on RouterA and RouterB to view the IPSec
configuration. The display on RouterA is used as an example.
[Huawei] display ipsec sa
===============================
Interface: Ethernet 1/0/0
Path MTU: 1500
===============================
-----------------------------
IPSec efficient-vpn name: "2"
Mode: EFFICIENTVPN-CLIENT MODE
-----------------------------
Connection ID
Encapsulation mode: Tunnel
Tunnel local
Tunnel remote
Flow source
Flow destination
[Outbound ESP SAs]
SPI: 3752053811 (0xdfa3cc33)
proposal: ESP-ENCRYPT-DES-64 ESP-AUTH-MD5
SA remaining key duration (bytes/sec): 1887436800/1390
Max sent sequence-number: 0
UDP encapsulation used for NAT traversal: N
[Inbound ESP SAs]
SPI: 4182141148 (0xf94668dc)
proposal: ESP-ENCRYPT-DES-64 ESP-AUTH-MD5
SA remaining key duration (bytes/sec): 1887436800/1390
Max received sequence-number: 0
UDP encapsulation used for NAT traversal: N
Run the display ipsec efficient-vpn command on RouterA to view information about the
Efficient VPN policy.
[Huawei] display ipsec efficient-vpn
===========================================
IPSec efficient-vpn name: 2
Using interface
: Ethernet1/0/0
===========================================
IPSEC Efficient-vpn Name
IPSEC Efficient-vpn Mode
ACL Number
Auth Method
VPN name
Local ID Type
Remote Address
IKE Version
FQDN
Pre Shared Key
PFS Type
14:Group14)
Local Address
Remote Name
PKI Object
Interface loopback
Interface loopback IP
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
VPN
Flag(s)
0
RD|ST
0
RD|ST
RL--REPLACED
: 64
: 60.1.1.1
: 60.1.2.1
: 100.1.1.126/255.255.255.255 0/0
: 0.0.0.0/0.0.0.0 0/0
: 2
: 1 (1:Client 2:Network)
:
: 8 (8:PSK 9:RSA)
:
: 1 (1:IP 2:Name)
: 60.1.2.1
: 2 (1:IKEv1 2:IKEv2)
:
: huawei
: 0 (0:Disable 1:Group1 2:Group2 5:Group5
:
:
:
: LoopBack100
: 100.1.1.126/32
5 IPSec Configuration
Phase
2
1
FD--FADING
TO--
BCK--BACKED UP
338
Hide quick links:
Advertisement
Table of Contents
