Filter
Top Products
2125
View Any view
Parameter brief: Displays brief information about all SAs.
duration: Displays the global SA lifetime information.
policy: Displays detailed information about SAs created by using a specified IPSec
policy.
policy-name: Name of the IPSec policy, a string 1 to 15 characters.
seq-number: Sequence number of the IPSec policy, in the range 1 to 10000.
remote ip-address: Displays detailed information about the SA with a specified
remote address.
Description Use the
display ipsec sa command to display information about SAs.
With no parameter or keyword specified, the command displays information
about all SAs.
Related command: reset ipsec sa, ipsec sa global-duration.
Example # Display brief information about all SAs.
<Sysname> display ipsec sa brief
Src Address Dst Address SPI Protocol Algorithm
--------------------------------------------------------
10.1.1.1 10.1.1.2 300 ESP E:DES; A:HMAC-MD5-96
10.1.1.2 10.1.1.1 400 ESP E:DES; A:HMAC-MD5-96
# Display the global SA lifetime settings.
<Sysname> display ipsec sa duration
ipsec sa global duration (traffic based): 1843200 kilobytes
ipsec sa global duration (time based): 3600 seconds
# Display detailed information about all SAs.
<Sysname> display ipsec sa
===============================
Interface: Ethernet0/0
path MTU: 1500
===============================
Table 564 Description on the fields of the display ipsec sa brief command
Field Description
Src Address Local IP address
Dst Address Remote IP address
SPI Security parameter index
Protocol Security protocol used by IPSec
Algorithm Authentication algorithm and encryption algorithm used by the security
protocol, where E indicates the encryption algorithm and A indicates the
authentication algorithm.