Table of Contents
Advertisement
Field
PFS
Transform
AH protocol
ESP protocol
Integrity
Encryption
Related commands
ipsec transform-set
display ipsec tunnel
Use
display ipsec tunnel
Syntax
display ipsec tunnel { brief | count | tunnel-id tunnel-id }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
: Displays brief information about all IPsec tunnels.
brief
: Displays information about the specified number of IPsec tunnels.
count
tunnel-id tunnel-id
argument is 0 to 4294967295.
Usage guidelines
IPsec is a Layer 3 VPN technology that transmits data in a secure channel established between two
endpoints (such as two security gateways). Such a secure channel is usually called an IPsec tunnel.
Examples
# Display brief information about all IPsec tunnels.
<Sysname> display ipsec tunnel brief
----------------------------------------------------------------------------
Tunn-id
Src Address
----------------------------------------------------------------------------
Description
Perfect Forward Secrecy (PFS) used by the IPsec policy for negotiation:
•
768-bit Diffie-Hellman group (dh-group1).
•
1024-bit Diffie-Hellman group (dh-group2).
•
1536-bit Diffie-Hellman group (dh-group5).
•
2048-bit Diffie-Hellman group (dh-group14).
•
2048-bit and 256_bit subgroup Diffie-Hellman group (dh-group24).
•
256-bit ECP Diffie-Hellman group (dh-group19).
•
384-bit ECP Diffie-Hellman group (dh-group20).
Security protocols used by the IPsec transform set: AH, ESP, or both. If both
protocols are configured, IPsec uses ESP before AH.
AH settings.
ESP settings.
Authentication algorithm used by the security protocol.
Encryption algorithm used by the security protocol.
to display information about IPsec tunnels.
: Specifies an IPsec tunnel by its ID. The value range for the
Dst Address
19
Inbound SPI
Outbound SPI
tunnel-id
Status
Advertisement
Chapters
Table of Contents
