Usage guidelines
If you do not specify any parameters, this command displays summary information about all IKE
SAs.
Examples
# Display summary information about all IKE SAs.
<Sysname> display ike sa
Connection-ID
----------------------------------------------------------
1
Flags:
RD--READY RL--REPLACED FD-FADING RK-REKEY
Table 69 Command output
Field
Connection-ID
Remote
Flags
DOI
# Display detailed information about all IKE SAs.
<Sysname> display ike sa verbose
---------------------------------------------
Connection ID: 2
Outside VPN:
Inside VPN:
Profile: prof1
Transmitting entity: Initiator
---------------------------------------------
Local IP: 4.4.4.4
Local ID type: IPV4_ADDR
Local ID: 4.4.4.4
Remote IP: 4.4.4.5
Remote ID type: IPV4_ADDR
Remote ID: 4.4.4.5
Authentication-method: PRE-SHARED-KEY
Authentication-algorithm: SHA1
Encryption-algorithm: AES-CBC-128
Remote
Flag
202.38.0.2
RD
Description
Identifier of the IKE SA.
Remote IP address of the SA.
Status of the SA:
•
RD--READY—The SA has been established.
•
RL--REPLACED—The SA has been replaced by a new one and will be
deleted later.
•
FD-FADING—The SA is in use, but it is about to expire and will be deleted
soon.
•
RK-REKEY—The SA is a Rekey SA.
•
Unknown—The SA status is unknown.
Interpretation domain to which the SA belongs.
IPsec—The SA belongs to an IPsec DOI.
508
DOI
IPsec