526
State Whether the IPsec transform set is complete.
Encapsulation mode Encapsulation mode used by the IPsec transform set: transport or tunnel.
ESN Whether Extended Sequence Number (ESN) is enabled.
PFS
Perfect Forward Secrecy (PFS) used by the IPsec policy for negotiation:
• 768-bit Diffie-Hellman group (dh-group1)
• 1024-bit Diffie-Hellman group (dh-group2)
• 1536-bit Diffie-Hellman group (dh-group5)
• 2048-bit Diffie-Hellman group (dh-group14)
• 2048-bit and 256_bit subgroup Diffie-Hellman group (dh-group24)
• 256-bit ECP Diffie-Hellman group (dh-group19)
• 384-bit ECP Diffie-Hellman group (dh-group20)
Transform
Security protocols used by the IPsec transform set: AH, ESP, or both. If both
protocols are configured, IPsec uses ESP before AH.
AH protocol AH settings.
ESP protocol ESP settings.
Integrity Authentication algorithm used by the security protocol.
Encryption Encryption algorithm used by the security protocol.
Related commands
ipsec transform-set
display ipsec tunnel
Use display ipsec tunnel to display information about IPsec tunnels.
Syntax
display ipsec tunnel { brief | count | tunnel-id tunnel-id }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief information about IPsec tunnels.
count: Displays the number of IPsec tunnels.
tunnel-id tunnel-id: Specifies an IPsec tunnel by its ID. The value range for the tunnel-id argument is
0 to 4294967295.
Usage guidelines
IPsec is a Layer 3 VPN technology that transmits data in a secure channel established between two
endpoints (such as two security gateways). Such a secure channel is usually called an IPsec tunnel.
Examples
# Display brief information about all IPsec tunnels.
<Sysname> display ipsec tunnel brief
To Next Page
Loading...
Need help?
General
