HP AM866A Brocade Fabric OS Command Reference Manual v6.2.0 (53-1001186-01, Ap - Page 418
To display the IPSec IKE Policy, To display all IPsec SA proposals
UPC - 884420064602
View all HP AM866A manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 418 highlights
2 ipsecConfig IPsec display commands To display the IPSec IKE Policy: switch:admin> ipsecconfig --show policy ike -a IKE-01 version:ikev2 remote:10.33.69.132 local-id:10.33.74.13 remote-id:10.33.69.132 encryption algorithm: 3des_cbc hash algorithm: hmac_md5 prf algorithm: hmac_md5 dh group: 2 1 auth method:rsasig public-key:"/etc/fabos/certs/sw0/thawkcert.pem" private-key:"/etc/fabos/certs/sw0/thawkkey.pem" peer-public-key:"/etc/fabos/certs/sw0/spiritcert.pem To display the outbound and inbound SAs in the kernel SA database: switch:admin> ipsecconfig --show manual-sa -a 10.33.69.132[0] 10.33.74.13[0] ah mode=transport spi=34560190(0x020f58be) reqid=0(0x00000000) A: hmac-md5 7e5aeb47 e0433649 c1373625 34a64ece seq=0x00000000 replay=32 flags=0x00000000 state=mature created: Oct 15 23:34:55 2008 current: Oct 15 23:35:06 2008 diff: 11(s) hard: 2621440(s) soft: 2100388(s) last: Oct 15 23:34:56 2008 hard: 0(s) soft: 0(s) current: 256(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 4 hard: 0 soft: 0 sadb_seq=1 pid=10954 refcnt=0 10.33.74.13[0] 10.33.69.132[0] ah mode=transport spi=48095089(0x02dddf71) reqid=0(0x00000000) A: hmac-md5 c84d27e5 960d116c bf7c0e4a b232c49e seq=0x00000000 replay=32 flags=0x00000000 state=mature created: Oct 15 23:34:55 2008 current: Oct 15 23:35:06 2008 diff: 11(s) hard: 2621440(s) soft: 2137448(s) last: Oct 15 23:34:55 2008 hard: 0(s) soft: 0(s) current: 540(bytes) hard: 0(bytes) soft: 0(bytes) allocated: 5 hard: 0 soft: 0 sadb_seq=0 pid=10954 refcnt=0 To display a specified IPsec SA: switch:admin> ipsecconfig --show policy ips sa -t sa-esp-1 sa-esp-1 ipsec-protocol:esp encryption algorithm: aes128_cbc 3des_cbc authentication algorithm: hmac_sha1 hmac_md5 To display all IPsec SA proposals: switch:admin> ipsecconfig --show policy ips sa-proposal -a ipsec-esp-a-b SA(s) used:sa-esp-1 sa-ah-1 lifetime in seconds:infinite lifetime in bytes:infinite ipsec-esp-def SA(s) used:sa-esp-1 lifetime in seconds:infinite lifetime in bytes:infinite 390 Fabric OS Command Reference 53-1001186-01