show security ike sa
Syntax show security ike sa
show security ike sa detail
Release Information Command introduced in Junos OS Release 15.1X53-D47 for the NFX250 Network Services
Platform.
Description Display information about the Internet Key Exchange (IKE) Security Association (SA).
Required Privilege
Level
view
Related
Documentation
ike on page 192•
List of Sample Output show security ike sa on page 201
show security ike sa detail on page 201
Output Fields Table 25 on page 198 lists the output fields for the show security ike sa command and
Table 26 on page 199 lists the output fields for the show security ike sa detail command.
Output fields are listed in the approximate order in which they appear.
Table 25: show security ike sa Output Fields
Field DescriptionField Name
Index number of an SA. This number is an internally generated number you can use to
display information about a single SA.
Index
State of the IKE SAs:
• DOWN - SA has not been negotiated with the peer.
• UP - SA has been negotiated with the peer.
State
Random number, called a cookie, which is sent to the remote node when the IKE
negotiation is triggered.
Initiator cookie
Random number generated by the remote node and sent back to the initiator as a
verification that the packets were received.
A cookie is aimed at protecting the computing resources from attack without spending
excessive CPU resources to determine the cookie's authenticity.
Responder cookie
Mode determines the number of messages and the payload types that are contained
in each message that is exchanged by the two IPsec endpoints, or peers.
Mode
Address of the remote peer.Remote Address
Copyright © 2017, Juniper Networks, Inc.198
JDM User Guide for NFX250 Network Services Platform
To Next Page
Loading...
Need help?
General
