324
Table 49 Output description
Field Description
IPsec proposal name Name of the IPsec proposal
encapsulation mode Encapsulation mode used by the IPsec proposal, transport or tunnel
transform
Security protocol(s) used by the IPsec proposal: AH, ESP, or both. If both
protocols are configured, IPsec uses ESP before AH.
AH protocol Authentication algorithm used by AH
ESP protocol Authentication algorithm and encryption algorithm used by ESP
display ipsec sa
Syntax
display ipsec sa [ brief | policy policy-name [ seq-number ] | remote ip-address ] [ | { begin | exclude
| include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
brief: Displays brief information about all IPsec SAs.
policy: Displays detailed information about IPsec SAs created by using a specified IPsec policy.
policy-name: Name of the IPsec policy, a string 1 to 15 characters.
seq-number: Sequence number of the IPsec policy, in the range 1 to 65535.
remote ip-address: Displays detailed information about the IPsec SA with a specified remote address.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display ipsec sa command to display information about IPsec SAs.
If you do not specify any parameters, the command displays information about all IPsec SAs.
Related commands: reset ipsec sa and ipsec sa global-duration.
Examples
# Display brief information about all IPsec SAs.
<Sysname> display ipsec sa brief
Src Address Dst Address SPI Protocol Algorithm
To Next Page
Loading...
