302
AH SPI: 1237 (0x000004d5)
AH string-key: ******
AH authentication hex key:
Outbound ESP setting:
ESP SPI: 1238 (0x000004d6)
ESP string-key: ******
ESP encryption hex key:
ESP authentication hex key:
Table 36 Command output
Field Descri
tion
IPsec Policy IPsec policy name.
Sequence number Sequence number of the IPsec policy entry.
Mode
Negotiation mode of the IPsec policy:
• manual—Manual mode.
• isakmp—IKE negotiation mode.
• template—IPsec policy template mode.
The policy configuration is incomplete
IPsec policy configuration incomplete. Possible causes include:
• The ACL is not configured.
• The IPsec transform set is not configured.
• The ACL does not have any permit statements.
• The IPsec transform set configuration is not complete.
• The peer IP address of the IPsec tunnel is not specified.
• The SPI and key of the IPsec SA do not match the IPsec policy.
Description Description of the IPsec policy.
Security data flow ACL referenced by the IPsec policy.
Selector mode
Data flow protection mode of the IPsec policy:
• standard
• aggregation
• per-host
Local address
Local end IP address of the IPsec tunnel (only available for the
IPsec policy using IKE negotiation).
Remote address Remote end IP address or host name of the IPsec tunnel.
Transform set Transform set referenced by the IPsec policy.
IKE profile IKE peer referenced by the IPsec policy.
SA duration(time based) Time-based IPsec SA lifetime, in seconds.
SA duration(traffic based) Traffic-based IPsec SA lifetime, in kilobytes.
SA idle time Idle expiration time of the IPsec SA, in seconds.
AH string-key AH string key (****** is displayed if the key is configured).
AH authentication hex key
AH authentication hex key (****** is displayed if the key is
configured).
ESP string-key ESP string key (****** is displayed if the key is configured).
To Next Page
Loading...
Need help?
General
