Support User Manuals

Allied Telesis AT-WR4500 Network Router User Manual

Open as PDF

of 264

AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers 193

RouterOS v3 Configuration and User Guide

remote-address (read-only: IP address) - peer's IP address

side (multiple choice, read-only: initiator | responder) - shows which side initiated the connection

initiator - phase 1 negotiation was started by this router

responder - phase 1 negotiation was started by peer

state (read-only: text) - state of phase 1 negotiation with the peer

estabilished - normal working state

Example

To see currently estabilished SAs:

[admin@WiFi] ip ipsec> remote-peers print

0 local-address=10.0.0.148 remote-address=10.0.0.147 state=established

side=initiator

[admin@WiFi] ip ipsec>

8.8.5 Installed SAs

Submenu level: /ip ipsec installed-sa

Description

This facility provides information about installed security associations including the keys

Property Description

add-lifetime (read-only: time) - soft/hard expiration time counted from installation of SA

addtime (read-only: text) - time when this SA was installed

auth-algorithm (multiple choice, read-only: none | md5 | sha1) - authentication algorithm used in SA

auth-key (read-only: text) - authentication key presented as a hex string

current-bytes (read-only: integer) - amount of data processed by this SA's crypto algorithms

dst-address (read-only: IP address) - destination address of SA taken from respective policy

enc-algorithm (multiple choice, read-only: none | des | 3des | aes) - encryption algorithm used in SA

enc-key (read-only: text) - encryption key presented as a hex string (not applicable to AH SAs)

lifebytes (read-only: integer) - soft/hard expiration threshold for amount of processed data

replay (read-only: integer) - size of replay window presented in bytes. This window protects the receiver

against replay attacks by rejecting old or duplicate packets

spi (read-only: integer) - SPI value of SA, represented in hexadecimal form

src-address (read-only: IP address) - source address of SA taken from respective policy

state (multiple choice, read-only: larval | mature | dying | dead) - SA living phase

use-lifetime (read-only: time) - soft/hard expiration time counted from the first use of SA

usetime (read-only: text) - time when this SA was first used

previous next