EasyManua.ls Logo

Juniper NFX250 - Page 219

Juniper NFX250
230 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Table 26: show security ike sa detail Output Fields (continued)
Field DescriptionField Name
Number of Phase 2 IKE negotiations in progress and status information:
Negotiation type - Type of Phase 2 negotiation. Junos OS currently supports quick
mode.
Message ID - Unique identifier for a Phase 2 negotiation.
Local identity - Identity of the local Phase 2 negotiation. The format is id-type-name
(proto-name:port-number,[0..id-data-len] = iddata-presentation).
Remote identity - Identity of the remote Phase 2 negotiation. The format is
id-type-name (proto-name:port-number,[0..id-data-len] = iddata-presentation).
Flags - Notification to the key management process of the status of the IKE
negotiation:
caller notification sent - Caller program notified about the completion of the IKE
negotiation.
waiting for done - Negotiation is done. The library is waiting for the remote end
retransmission timers to expire.
waiting for remove - Negotiation has failed. The library is waiting for the remote
end retransmission timers to expire before removing this negotiation.
waiting for policy manager - Negotiation is waiting for a response from the policy
manager.
Phase 2 negotiations in progress
Sample Output
show security ike sa
user@jdm> show security ike sa
Index State Initiator cookie Responder cookie Mode Remote Address
7796166 UP a1a6b1516bc43d54 f0846e4239c817f8 Aggressive 2.2.2.2
show security ike sa detail
user@jdm> show security ike sa detail
IKE peer 2.2.2.2, Index 7796166, Gateway Name: GW1
Role: Initiator, State: UP
Initiator cookie: a1a6b1516bc43d54, Responder cookie: f0846e4239c817f8
Exchange type: Aggressive, Authentication method: Pre-shared-keys
Local: 3.3.3.2:500, Remote: 2.2.2.2:500
Lifetime: Expires in 3585 seconds
Reauth Lifetime: Disabled
IKE Fragmentation: Disabled, Size: 0
Remote Access Client Info: Unknown Client
Peer ike-id: 2.2.2.2
AAA assigned IP: 0.0.0.0
Algorithms:
Authentication : hmac-sha256-128
Encryption : aes256-cbc
Pseudo random function: hmac-sha256
Diffie-Hellman group : DH-group-14
Traffic statistics:
Input bytes : 1056
Output bytes : 1311
Input packets: 2
201Copyright © 2017, Juniper Networks, Inc.
Chapter 9: IPSec-NM Configuration Statements and Operational Commands

Table of Contents

Other manuals for Juniper NFX250

Preview: Quick Start
Quick Start9 pages
Preview: Quick Start Guide
Quick Start Guide7 pages

Related product manuals