3Com MSR 50 Network Router User Manual


  Open as PDF
of 2742
 
2122 CHAPTER 140: IPSEC CONFIGURATION COMMANDS
mapss1234567890-10000 isakmp peerr1234567890
IPsec-Policy-Name Mode acl Local-Address Remote-Address
------------------------------------------------------------------------
map-2 manual 3000 255.255.255.255 255.255.255.255
mappp0123456789-1 manual 3000
# Display detailed information about all IPSec policies
<Sysname> display ipsec policy
===========================================
IPsec Policy Group: "policy_isakmp"
Using interface: {Ethernet1/0}
===========================================
------------------------------------
IPsec policy name: "policy_isakmp"
sequence number: 10
mode: isakmp
-------------------------------------
security data flow : 100
tunnel remote address: 162.105.10.2
perfect forward secrecy: None
proposal name: prop1
ipsec sa local duration(time based): 3600 seconds
ipsec sa local duration(traffic based): 1843200 kilobytes
===========================================
IPsec Policy Group: "policy_man"
Using interface: {Ethernet1/1}
===========================================
-----------------------------------------
IPsec policy name: "policy_man"
sequence number: 10
mode: manual
-----------------------------------------
security data flow : 100
tunnel local address: 162.105.10.1
tunnel remote address: 162.105.10.2
proposal name: prop1
inbound AH setting:
AH spi: 12345 (0x3039)
AH string-key:
AH authentication hex key : 1234567890123456789012345678901234567890
inbound ESP setting:
ESP spi: 23456 (0x5ba0)
ESP string-key:
ESP encryption hex key: 1234567890abcdef1234567890abcdef1234567812345678
ESP authentication hex key: 1234567890abcdef1234567890abcdef
outbound AH setting:
AH spi: 54321 (0xd431)
AH string-key:
AH authtication hex key: 1122334455667788990011223344556677889900
Table 560 Description on the fields of the display ipsec policy brief command
Field Description
IPsec-Policy-Name Name and sequence number of the IPSec policy separated by
hyphen
Mode Negotiation mode of the IPSec policy
acl Access control list referenced by the IPSec policy
ike-peer name IKE peer name
Local-Address IP address of the local end
Remote-Address IP address of the remote end
 previous next