H3C MSR Series Command Reference Manual page 683
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
Field
Re-register in
Succeeded registrations
Attempted registrations
Last rekey from
Last rekey seq num
Multicast rekeys received
Unicast rekeys received
Rekey ACKs sent
Allowable rekey cipher
Allowable rekey hash
Allowable transform
Rekeys cumulative
Total received
Rekeys after latest registration
Last rekey received for
Total rekey ACKs sent
ACL downloaded from KS 90.1.1.1
rule 0 deny udp source-port eq 848
destination-port eq 848
rule 1 deny ospf
rule 2 permit icmp
KEK
Rekey transport type
Remaining key lifetime
Encrypt algorithm
Key size
Signature algorithm
Signature hash algorithm
Signature key length
Description
Period of time after which the GM re-registers with a KS.
N/A indicates that the GM does not re-register with a KS.
Number of successful registrations.
Number of registration attempts.
KS from which the GM receives the last rekey message.
N/A indicates that the GM does not receive any rekey messages.
Sequence number of the last received rekey message.
N/A indicates that the GM does not receive any rekey messages.
Number of multicast rekeys received. This field is displayed only
when the GDOI GM group is a multicast group.
Number of unicast rekeys received. This field is displayed only
when the GDOI GM group is a unicast group.
Number of rekey ACK messages sent. This field is displayed only
when the GDOI GM group is a unicast group.
Rekey encryption algorithms that the GM allows. Any indicates
that the GM allows all encryption algorithms.
Rekey hash algorithms that the GM allows. Any indicates that the
GM allows all hash algorithms.
Rekey transform modes that the GM allows. Any indicates that
the GM allows all transform modes.
Rekey statistics.
Total number of rekeys that the GM has received.
Number of rekeys that the GM has received after the last
successful registration.
Period of time for which the key has existed after the last rekey
operation. N/A indicates that no rekey message is received. This
field is displayed only in multicast mode.
Number of rekey ACK messages sent. This field is displayed only
in unicast mode.
ACL information downloaded from the KS at 90.1.1.1.
UDP packets whose source and destination port numbers are
both 848 do not need to be protected by IPsec.
OSPF protocol packets do not need to be protected by IPsec.
All ICMP packets need to be protected by IPsec.
KEK information.
Transport type of rekey messages: Multicast or Unicast.
KEK lifetime in seconds.
KEK encryption algorithm.
KEK key length.
KEK signature algorithm.
KEK signature hash algorithm.
KEK signature key length in bits.
660
Advertisement
Table of Contents
