-----------------------------
IPsec profile: profile
Mode: manual
-----------------------------
Encapsulation mode: transport
[Inbound AH SAs]
SPI: 1234563 (0x0012d683)
Transform set: AH-SHA1
No duration limit for this SA
[Outbound AH SAs]
SPI: 1234563 (0x002d683)
Transform set: AH-SHA1
No duration limit for this SA
Table 41 Command output
Field Description
Interface Interface where the IPsec SA belongs.
IPsec policy Name of the used IPsec policy.
IPsec profile Name of the used IPsec profile.
Sequence number Sequence number of the IPsec policy entry.
Mode
Negotiation mode used by the IPsec policy:
• manual
• isakmp
Tunnel id IPsec tunnel ID
Encapsulation mode Encapsulation mode, transport or tunnel.
Perfect Forward Secrecy
Perfect forward secrecy (PFS) used by the IPsec policy for
negotiation:
• 768-bit Diffie-Hellman group (dh-group1)
• 1024-bit Diffie-Hellman group (dh-group2)
• 1536-bit Diffie-Hellman group (dh-group5)
• 2048-bit Diffie-Hellman group (dh-group14)
• 2048-bit and 256_bit subgroup Diffie-Hellman group
(dh-group24)
Path MTU Path MTU of the IPsec SA.
Tunnel Local and remote addresses of the IPsec tunnel.
local address Local end IP address of the IPsec tunnel.
remote address Remote end IP address of the IPsec tunnel.
Flow Information about the data flow protected by the IPsec tunnel
sour addr Source IP address of the data flow.
dest addr Destination IP address,
port Port number.
325
To Next Page
Loading...
