Display Gdoi Gm Ipsec Sa - HPE FlexNetwork HSR6800 Security Command Reference

Field
rule 0 deny ip source 10.1.1.0 0.0.0.255
destination 10.1.1.0 0.0.0.255

display gdoi gm ipsec sa

Use display gdoi gm ipsec sa to display IPsec SA information obtained by GMs.
Syntax
display gdoi gm ipsec sa [ group group-name ] [ | { begin | exclude | include }
regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
group group-name: Displays IPsec SA information obtained by GMs of a GDOI GM group. The
group-name argument is the GDOI GM group name, a case-sensitive string of 1 to 63 characters. If
you do not specify this option, the command displays IPsec SA information obtained by all GMs.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Examples
# Display IPsec SA information obtained by all GMs.
<Sysname> display gdoi gm ipsec sa
SA created for group abc:
Interface GigabitEthernet1/0/1;
Interface GigabitEthernet1/0/2:
IPsec SA:
SPI: 0x9AE5951E(2598737182)
Transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
SA timing:
remaining key lifetime (sec): 12
Anti-replay detection: Disabled
SA created for group hh:
Interface GigabitEthernet1/0/1;
Interface GigabitEthernet1/0/2:
IPsec SA:
SPI: 0xDCC66F7B(3703992187)
Transform: ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
Description
Indicates that IPsec does not protect IP packets whose
source and destination addresses are within subnet
10.1.1.0/24.
506