3Com 10014299 Network Router User Manual


 
IPSec Configuration Example 577
Displaying and Debugging the crypto card
Use the debugging, reset and display command in all views.
Table 655 Display and Debug NDEC Card
IPSec Configuration
Example
The following sections demonstrate the following IPSec configurations:
Creating an SA Manually
Creating an SA in IKE Negotiation Mode
Encrypting, Decrypting, and Authenticating NDEC Cards
Creating an SA Manually Establish a security tunnel between Router-A and Router-B to perform security
protection for the data streams between PC-A represented subnet (10.1.1.x) and
PC-B represented subnet (10.1.2.x). The security protocol adopts ESP protocol,
algorithm adopts DES, and authentication algorithm adopts sha1-hmac-96.
Operation Command
Display the detailed information of crypto
cards (applicable to crypto cards)
display encrypt-card details [
slot-id ]
Display all established Security Association
on crypto card (applicable to crypto card)
display encrypt-card ipsec sa all [
slot-id ]
Display a specified Security Association on
crypto card (applicable to crypto card)
display encrypt-card ipsec sa
parameters remote-address protocol
spi-number
Display statistical information of the
security packets processing on crypto card
(applicable to crypto card)
display encrypt-card statistic [
slot-id ]
Display current operating status of crypto
card (applicable to crypto card)
display encrypt-card status [ slot-id
]
Display current operating logging of
crypto card (applicable to crypto card)
display encrypt-card syslog [ slot-id
]
Display version number of crypto card
(applicable to crypto card)
display encrypt-card version [
slot-id ]
Delete all established Security Association
(applicable to crypto card)
reset encrypt-card sa all [ slot-id ]
Delete the specified Security Association
on crypto card (applicable to crypto card)
reset encrypt-card sa parameters
remote-address protocol spi-number
Clear the statistical information of security
packets on crypto card (applicable to
crypto card)
reset encrypt-card statistic [
slot-id ]
Clear all the logging information on the
crypto card (applicable to crypto cards)
reset encrypt-card syslog [ slot-id ]
Enable the debugging of information,
packets, SA, command, error and other
information (applicable to crypto cards)
debugging encrypt-card { all | packet
| sa | command | error | misc } [
slot-id ]
Enable the debugging of the main
software on the crypto card (applicable to
crypto cards)
debugging encrypt-card host { all |
packet | sa | command | error | misc
}