HPE FlexNetwork MSR Series Comware 5 Security Configuration Manual page 488
Hide thumbs
Also See for FlexNetwork MSR Series:
- Configuration manual (861 pages) ,
- Comware 7 layer 3 - ip services configuration manuals (554 pages) ,
- Comware 5 layer 2 - wan access configuration manual (420 pages)
Table of Contents
Advertisement
connection-id
----------------------------------------------------------------------------
658
659
flag meaning
RD--READY ST--STAYALIVE RL--REPLACED FD--FADING TO--TIMEOUT RK--REKEY
The output shows the IKE SA and rekey SA generated after IKE negotiation. The SA with
connection-id of 658 is the IKE SA, and the SA with connection-id of 659 is the rekey SA.
# Execute the display ipsec sa command on GM 1 to display IPsec SAs.
[GM1] display ipsec sa
===============================
Interface: Ethernet1/1
path MTU: 1500
===============================
-----------------------------
IPsec policy name: "map"
sequence number: 1
mode: gdoi
-----------------------------
PFS: N, DH group: none
tunnel:
local
address: 1.1.1.1
remote address: 0.0.0.0
flow:
sour addr: 10.1.1.0/255.255.255.0
dest addr: 10.1.2.0/255.255.255.0
current outbound spi: 0xDB865076(3683012726)
[inbound ESP SAs]
spi: 0xDB865076(3683012726)
transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
in use setting: Transport
connection id: 317
sa duration (kilobytes/sec): 0/900
sa remaining duration (kilobytes/sec): 0/63
anti-replay detection: Disabled
spi: 0x640321A(104870426)
transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
in use setting: Transport
connection id: 325
sa duration (kilobytes/sec): 0/900
sa remaining duration (kilobytes/sec): 0/853
anti-replay detection: Disabled
peer
100.1.1.100
100.1.1.100
475
flag
phase
RD|ST
1
RD|RK
1
port: 0
protocol: IP
port: 0
protocol: IP
doi
status
GROUP
--
GROUP
--
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the FlexNetwork MSR Series and is the answer not in the manual?