Displaying And Maintaining Ipsec - HPE Moonshot 45Gc Security Configuration Manual

Switch module
Table of Contents

Advertisement

To generate and output SNMP notifications for a specific IPsec failure or event type, perform the
following tasks:
1.
Enable SNMP notifications for IPsec globally.
2.
Enable SNMP notifications for the failure or event type.
To configure SNMP notifications for IPsec:
Step
1.
Enter system view
2.
Enable SNMP
notifications for IPsec
globally.
3.
Enable SNMP
notifications for the
specified failure or event
types.

Displaying and maintaining IPsec

Execute display commands in any view and reset commands in user view.
Task
Display IPsec policy information.
Display IPsec policy template information.
Display IPsec profile information.
Display IPsec transform set information.
Display IPsec SA information.
Display IPsec statistics.
Display IPsec tunnel information.
Clear IPsec SAs.
Clear IPsec statistics.
Command
system-view
snmp-agent trap enable ipsec
global
snmp-agent trap enable ipsec
[ auth-failure | decrypt-failure |
encrypt-failure | invalid-sa-failure |
no-sa-failure | policy-add |
policy-attach | policy-delete |
policy-detach | tunnel-start |
tunnel-stop ] *
Command
display ipsec { ipv6-policy | policy } [ policy-name
[ seq-number ] ]
display ipsec { ipv6-policy-template |
policy-template } [ template-name [ seq-number ] ]
display ipsec profile [ profile-name ]
display ipsec transform-set [ transform-set-name ]
display ipsec sa [ brief | count | interface interface-type
interface-number | { ipv6-policy | policy } policy-name
[ seq-number ] | profile policy-name | remote [ ipv6 ]
ip-address ]
display ipsec statistics [ tunnel-id tunnel-id ]
display ipsec tunnel { brief | count | tunnel-id
tunnel-id }
reset ipsec sa [ { ipv6-policy | policy } policy-name
[ seq-number ] | profile policy-name | remote
{ ipv4-address | ipv6 ipv6-address } | spi { ipv4-address |
ipv6 ipv6-address } { ah | esp } spi-num ]
reset ipsec statistics [ tunnel-id tunnel-id ]
278
Remarks
N/A
By default, SNMP notifications for
IPsec are disabled.
By default, SNMP notifications for
all failure and event types are
disabled.

Advertisement

Table of Contents
loading

Table of Contents