Filter
Top Products
2126 CHAPTER 140: IPSEC CONFIGURATION COMMANDS
-----------------------------
IPsec policy name: "r2"
sequence number: 1
mode: isakmp
-----------------------------
connection id: 3
encapsulation mode: tunnel
perfect forward secrecy: None
tunnel:
local address: 2.2.2.2
remote address: 1.1.1.2
flow: (11 times matched)
sour addr: 192.168.2.0/255.255.255.0 port: 0 protocol: IP
dest addr: 192.168.1.0/255.255.255.0 port: 0 protocol: IP
[inbound ESP SAs]
spi: 3564837569 (0xd47b1ac1)
proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa remaining key duration (bytes/sec): 1887436380/2686
max received sequence-number: 5
udp encapsulation used for nat traversal: N
[outbound ESP SAs]
spi: 801701189 (0x2fc8fd45)
proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa remaining key duration (bytes/sec): 1887436380/2686
max sent sequence-number: 6
udp encapsulation used for nat traversal: N
Table 565 Description on the fields of the display ipsec sa command
Field Description
Interface Interface referencing the IPSec policy
path MTU Maximum IP packet length supported by the interface
IPSec policy name Name of the IPSec policy used
sequence number Sequence number of the IPSec policy
mode IPSec negotiation mode
connection id IPSec tunnel identifier
encapsulation mode Encapsulation mode, transport or tunnel
perfect forward secrecy Whether the PFS is enabled.
tunnel IPSec tunnel
local address Local IP address of the IPSec tunnel
remote address Remote IP address of the IPSec tunnel
flow: (11 times
matched)
Number of matches of the data flow
sour addr Source IP address of the data flow
dest addr Destination IP address of the data flow
port Port number
protocol Protocol type
inbound Information of the inbound SA
spi Security parameter index
proposal Security protocol and algorithms used by the IPSec proposal