To Next Page

To Previous Page

583

Table 87 Command output

Field

Description

Connection ID Identifier of the IKE SA.

Outside VPN

VPN instance name of the MPLS L3VPN to which the receiving

interface belongs.

Inside VPN

VPN instance name of the MPLS L3VPN to which the protected data

belongs.

Profile

Name of the matching IKE profile found in the IKE SA negotiation.

If no matching profile is found, this field displays nothing.

Transmitting entity Role of the IKE negotiation entity: Initiator or Responder.

Local IP IP address of the local gateway.

Local ID type Identifier type of the local gateway.

Local ID Identifier of the local gateway.

Remote IP IP address of the remote gateway.

Remote ID type Identifier type of the remote gateway.

Remote ID Identifier of the remote security gateway.

Authentication-method Authentication method used by the IKE proposal.

Authentication-algorithm

Authentication algorithm used by the IKE proposal:

• MD5—HMAC-MD5 algorithm.

• SHA1—HMAC-SHA1 algorithm.

• SHA256—HMAC-SHA256 algorithm.

• SHA384—HMAC-SHA384 algorithm.

• SHA512—HMAC-SHA512 algorithm.

• SM3—HMAC-SM3 algorithm.

Encryption-algorithm

Encryption algorithm used by the IKE proposal:

• 3DES-CBC—168-bit 3DES algorithm in CBC mode.

• AES-CBC-128—128-bit AES algorithm in CBC mode.

• AES-CBC-192—192-bit AES algorithm in CBC mode.

• AES-CBC-256—256-bit AES algorithm in CBC mode.

• DES-CBC—56-bit DES algorithm in CBC mode.

• SM1-CBC-128—128-bit SM1 algorithm in CBC mode.

• SM1-CBC-192—192-bit SM1 algorithm in CBC mode.

• SM1-CBC-256—256-bit SM1 algorithm in CBC mode.

• SM4-CBC-128—128-bit SM4 algorithm in CBC mode.

Life duration(sec) Lifetime of the IKE SA in seconds.

Remaining key duration(sec) Remaining lifetime of the IKE SA in seconds.

Exchange-mode IKE negotiation mode in phase 1: main mode or aggressive mode.

Diffie-Hellman group DH group used for key negotiation in IKE phase 1.

NAT traversal Whether a NAT gateway is detected.

Extend authentication Whether extended authentication for clients is enabled.

Assigned IP address

IP address assigned to the remote peer.

This field is not displayed if no IP address is assigned.

Other manuals for H3C MSR Series

Manual33 pages

Probe Command Reference28 pages

Configuration Guide80 pages

Troubleshooting Guide28 pages

User Guide26 pages

Questions and Answers:

Need help?

Do you have a question about the H3C MSR Series and is the answer not in the manual?

H3C MSR Series Specifications

General

Category	Network Router
IPv6 Support	Yes
Dimensions	Varies by model
Weight	Varies by model
Product Type	Modular Router
Ports	Varies by model
WAN Interfaces	Varies by model
Firewall	Yes
QoS	Yes
Wireless Support	Varies by model
USB Ports	Varies by model
Console Port	Yes
Power Supply	Varies by model
Redundancy	Varies by model
Operating Temperature	0°C to 45°C
Storage Temperature	-40°C to 70°C
Humidity	5% to 95% non-condensing
Series	MSR
Certifications	CE, FCC, RoHS