HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 254
encapsulation-mode, Table 39, Command output
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 254 highlights
as defined in ACL 3100 # Display information about IPsec tunnel 1. display ipsec tunnel tunnel-id 1 Tunnel ID: 1 Status: active Perfect forward secrecy: SA's SPI: outbound: 6000 (0x00001770) [AH] inbound: 5000 (0x00001388) [AH] outbound: 8000 (0x00001f40) [ESP] inbound: 7000 (0x00001b58) [ESP] Tunnel: local address: 1.2.3.1 remote address: 2.2.2.2 Flow: as defined in ACL 3100 Table 39 Command output Field Tunnel ID Status Perfect Forward Secrecy SA's SPI Tunnel local address remote address Flow as defined in ACL 3001 Description IPsec ID, used to uniquely identify an IPsec tunnel. IPsec tunnel status. Only active is available. Perfect forward secrecy (PFS) used by the IPsec policy for negotiation: • 768-bit Diffie-Hellman group (dh-group1) • 1024-bit Diffie-Hellman group (dh-group2) • 1536-bit Diffie-Hellman group (dh-group5) • 2048-bit Diffie-Hellman group (dh-group14) • 2048-bit and 256_bit subgroup Diffie-Hellman group (dh-group24) SPIs of the inbound and outbound SAs. Local and remote addresses of the IPsec tunnel. Local end IP address of the IPsec tunnel. Remote end IP address of the IPsec tunnel. Information about the data flow protected by the IPsec tunnel, including source IP address, destination IP address, source port, destination port and protocol. Range of data flow protected by the IPsec tunnel that is established manually. This information shows that the IPsec tunnel protects all data flows defined by ACL 3001. encapsulation-mode Use encapsulation-mode to set the encapsulation mode that the security protocol uses to encapsulate IP packets. Use undo encapsulation-mode to restore the default. 245