EasyManua.ls Logo

Huawei AR1200 Series - Page 349

Huawei AR1200 Series
392 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Run the display ike sa command on RouterA, and the following information is displayed:
[Huawei] display ike sa v2
Conn-ID Peer VPN Flag(s) Phase
---------------------------------------------------------
64 60.1.2.1 0 RD|ST 2
62 60.1.2.1 0 RD|ST 1
Flag
Description:
RD--READY ST--STAYALIVE RL--REPLACED FD--FADING TO--
TIMEOUT
HRT--HEARTBEAT LKG--LAST KNOWN GOOD SEQ NO. BCK--BACKED UP
2. Run the display ipsec sa command on RouterA and RouterB to view the IPSec
configuration. The display on RouterA is used as an example.
[Huawei] display ipsec sa
===============================
Interface: Ethernet 1/0/0
Path MTU: 1500
===============================
-----------------------------
IPSec efficient-vpn name: "2"
Mode: EFFICIENTVPN-CLIENT MODE
-----------------------------
Connection ID : 64
Encapsulation mode: Tunnel
Tunnel local : 60.1.1.1
Tunnel remote : 60.1.2.1
Flow source : 100.1.1.126/255.255.255.255 0/0
Flow destination : 0.0.0.0/0.0.0.0 0/0
[Outbound ESP SAs]
SPI: 3752053811 (0xdfa3cc33)
proposal: ESP-ENCRYPT-DES-64 ESP-AUTH-MD5
SA remaining key duration (bytes/sec): 1887436800/1390
Max sent sequence-number: 0
UDP encapsulation used for NAT traversal: N
[Inbound ESP SAs]
SPI: 4182141148 (0xf94668dc)
proposal: ESP-ENCRYPT-DES-64 ESP-AUTH-MD5
SA remaining key duration (bytes/sec): 1887436800/1390
Max received sequence-number: 0
UDP encapsulation used for NAT traversal: N
3. Run the display ipsec efficient-vpn command on RouterA to view information about the
Efficient VPN policy.
[Huawei] display ipsec efficient-vpn
===========================================
IPSec efficient-vpn name: 2
Using interface : Ethernet1/0/0
===========================================
IPSEC Efficient-vpn Name : 2
IPSEC Efficient-vpn Mode : 1 (1:Client 2:Network)
ACL Number :
Auth Method : 8 (8:PSK 9:RSA)
VPN name :
Local ID Type : 1 (1:IP 2:Name)
Remote Address : 60.1.2.1
IKE Version : 2 (1:IKEv1 2:IKEv2)
FQDN :
Pre Shared Key : huawei
PFS Type : 0 (0:Disable 1:Group1 2:Group2 5:Group5
14:Group14)
Local Address :
Remote Name :
PKI Object :
Interface loopback : LoopBack100
Interface loopback IP : 100.1.1.126/32
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 5 IPSec Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
338

Table of Contents

Other manuals for Huawei AR1200 Series

Preview: User Configuration Guide
User Configuration Guide232 pages
Preview: Hardware Description
Hardware Description218 pages
Preview: Usage Guide
Usage Guide69 pages
Preview: Configuration Guide - Wlan
Configuration Guide - Wlan58 pages
Preview: Configuration Guide - Voice
Configuration Guide - Voice65 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual31 pages
Preview: Configuration Guide - Mpls
Configuration Guide - Mpls132 pages
Preview: Brochure
Brochure12 pages

Related product manuals