528
Inside vpn-instance:
SA's SPI:
outbound: 6000 (0x00001770) [AH]
inbound: 5000 (0x00001388) [AH]
outbound: 8000 (0x00001f40) [ESP]
inbound: 7000 (0x00001b58) [ESP]
Tunnel:
local address: 1.2.3.1
remote address: 2.2.2.2
Flow:
as defined in ACL 3100
# Display detailed information about IPsec tunnel 1.
<Sysname> display ipsec tunnel tunnel-id 1
Tunnel ID: 1
Status: Active
Perfect Forward Secrecy:
Inside vpn-instance:
SA's SPI:
outbound: 6000 (0x00001770) [AH]
inbound: 5000 (0x00001388) [AH]
outbound: 8000 (0x00001f40) [ESP]
inbound: 7000 (0x00001b58) [ESP]
Tunnel:
local address: 1.2.3.1
remote address: 2.2.2.2
Flow:
as defined in ACL 3100
Table 84 Command output
Tunnel ID IPsec ID, used to uniquely identify an IPsec tunnel.
Status
IPsec tunnel status:
Active
or
Standby
.
In a VSRP scenario, this field displays either
Active
or
Standby
.
In standalone mode, this field always displays
Active
.
Perfect Forward Secrecy
Perfect Forward Secrecy (PFS) used by the IPsec policy for negotiation:
• 768-bit Diffie-Hellman group (dh-group1)
• 1024-bit Diffie-Hellman group (dh-group2)
• 1536-bit Diffie-Hellman group (dh-group5)
• 2048-bit Diffie-Hellman group (dh-group14)
• 2048-bit and 256_bit subgroup Diffie-Hellman group (dh-group24)
• 256-bit ECP Diffie-Hellman group (dh-group19)
• 384-bit ECP Diffie-Hellman group (dh-group20)
SA's SPI SPIs of the inbound and outbound SAs.
Tunnel Local and remote addresses of the IPsec tunnel.
local address Local end IP address of the IPsec tunnel.
remote address Remote end IP address of the IPsec tunnel.
To Next Page
Loading...
Need help?
General
