sa remaining key duration (bytes/sec): 1887434624/3081
max received sequence-number: 32
udp encapsulation used for nat traversal: N
[outbound ESP SAs]
spi: 1720763150 (0x6690c30e)
proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa remaining key duration (bytes/sec): 1887434112/3081
max sent sequence-number: 33
udp encapsulation used for nat traversal: N
[RouterC] display ike sa
Conn-ID Peer VPN Flag(s) Phase
--------------------------------------------------------- ----
20 20.1.1.2 0 RD|ST 1
21 20.1.1.2 0 RD|ST 2
Flag Description:
RD--READY ST--STAYALIVE RL--REPLACED FD--FADING TO--TIMEOUT
HRT--HEARTBEAT LKG--LAST KNOWN GOOD SEQ NO. BCK--BACKED UP
[RouterC] display ips sa
===============================
Interface: GigabitEthernet1/0/0
path MTU: 1500
===============================
-----------------------------
IPsec policy name: "policy1"
sequence number: 1
mode: isakmp
-----------------------------
connection id: 21
encapsulation mode: tunnel
tunnel local : 30.1.1.2 tunnel remote: 20.1.1.1
[inbound ESP SAs]
spi: 1720763150 (0x6690c30e)
proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa remaining key duration (bytes/sec): 1887434624/3041
max received sequence-number: 32
udp encapsulation used for nat traversal: N
[outbound ESP SAs]
spi: 2970386335 (0xb10c7f9f)
proposal: ESP-ENCRYPT-DES ESP-AUTH-MD5
sa remaining key duration (bytes/sec): 1887434112/3041
max sent sequence-number: 33
udp encapsulation used for nat traversal: N
----End
Configuration Files
l Configuration file of Router A
#
sysname RouterA
#
ike local-name rta
#
multicast routing-enable
#
acl number 3000
rule 5 permit gre source 20.1.1.1 0.0.0.0 destination 30.1.1.2 0.0.0.0
#
ike peer routerc v1
exchange-mode aggressive
pre-shared-key 12345
local-id-type name
remote-name rtc
remote-address 30.1.1.2
#
ipsec proposal p1
#
Huawei AR1200 Series Enterprise Routers
Configuration Guide - VPN 1 GRE Configuration
Issue 01 (2012-04-20) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
29
To Next Page
Loading...
