ESP encryption hex key: ******
ESP authentication hex key: ******
outbound AH setting:
AH spi:
AH string-key:
AH authentication hex key:
outbound ESP setting:
ESP spi: 23456 (0x5ba0)
ESP string-key:
ESP encryption hex key: ******
ESP authentication hex key: ******
===========================================
IPsec Policy Group: "gdoi-map"
Interface: Ethernet1/1
===========================================
------------------------------------
IPsec policy name: " gdoi-map "
sequence number: 10
mode: gdoi
-------------------------------------
group name :gdoi-group
Table 36 Command output
Field
security data flow
acl version
Interface
Protocol
sequence number
mode
encapsulation mode
selector mode
ike-peer name
PFS
DH group
tunnel local address
Description
ACL referenced by the IPsec policy.
Version of the ACL.
Interface to which the IPsec policy is applied.
Name of the protocol to which the IPsec policy is applied. (This
field is not displayed when the IPsec policy is not applied to any
routing protocol.)
Sequence number of the IPsec policy.
Negotiation mode of the IPsec policy:
•
manual—Manual mode.
•
isakmp—IKE negotiation mode.
•
template—IPsec policy template mode.
•
gdoi—GDOI mode.
IPsec packet encapsulation mode:
•
tunnel—Tunnel mode.
•
transport—Transport mode.
Data flow protection mode of the IPsec policy, standard or
aggregation.
IKE peer referenced by the IPsec policy.
Whether perfect forward secrecy is enabled.
Used DH group. Its value can be 1, 2, 5, or 14.
Local IP address of the tunnel.
257