659
Rekeys cumulative:
Total received : 52
Rekeys after latest registration: 3
Total rekey ACKs sent : 23
ACL downloaded from KS 90.1.1.2:
rule 0 deny udp source-port eq 848 destination-port eq 848
rule 1 deny ospf
rule 2 permit icmp
KEK:
Rekey transport type : Unicast
Remaining key lifetime : 159 sec
Encryption algorithm : AES-CBC
Key size : 128
Signature algorithm : RSA
Signature hash algorithm : SHA1
Signature key length : 1024 bits
TEK:
SPI : 0x9AE5951E(2598737182)
Transform : ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
Remaining key lifetime : 190 sec
SPI : 0x12C55CFF(314924287)
Transform : ESP-ENCRYPT-AES-128 ESP-AUTH-SHA1
Remaining key lifetime : 402 sec
Table 93 Command output
Group name GDOI GM group name.
Group identity
GDOI GM group ID (a number or an IPv4 address).
N/A
indicates that the group is not configured with an ID.
Address family
Address family of data flows protected by the GDOI GM group,
IPv4
or
IPv6
.
Rekeys received Number of rekey messages received.
Group server
IP addresses or host names of KSs in the GDOI GM group. A
group supports a maximum of 16 KS IP addresses or host names.
VRF name
Name of the VRF to which the KS belongs. If the KS belongs to
the public network, this field is not displayed.
Group member IP address of the GM.
VRF name
Name of the VRF to which the GM belongs. If the GM belongs to
the public network, this field is not displayed.
Registration status Registration status:
Registered
,
Registering
, or
Not registered
.
Registered with
IP address or host name of the KS with which the GM registers.
If a host name is displayed, this field also displays the IP address
of the host in brackets.
To Next Page
Loading...
Need help?
General
