User guide
Appendix G - IPSEC
388 BLACK BOX ® Advanced Console Server
000 "teste": ike_life: 3600s; ipsec_life: 28800s; rekey_margin:
540s; rekey_fuzz: 100%; keyingtries: 0
000 "teste": policy: RSASIG+ENCRYPT+TUNNEL+PFS; interface: eth0;
erouted
000 "teste": newest ISAKMP SA: #5; newest IPsec SA: #6; eroute
owner: #6
000
000 #6: "teste" STATE_QUICK_I2 (sent QI2, IPsec SA established);
EVENT_SA_REPLACE in 28245s; newest IPSEC; eroute owner
000 #6: "teste" esp.4e1a10ce@64.186.161.128
esp.a99f2a63@64.186.161.96 tun.1006@64.186.161.128
tun.1005@64.186.161.96
000 #5: "teste" STATE_MAIN_I4 (ISAKMP SA established);
EVENT_SA_REPLACE in 3019s; newest ISAKMP
As you can see, it shows almost the same information shown by the ipsec auto -up command.
You can use this command if the up command doesn't show anything on the screen (it can
happen depending on the BLACK BOX ® Advanced Console Server syslog configuration).
IPsec and Road Warriors
IPsec, Security for the Internet Protocol
FreeS/WAN is a Linux implementation of the IPsec (IP security) protocols. IPsec provides
encryption and authentication services at the IP (Internet Protocol) level of the network pro-
tocol stack.
Working at this level, IPsec can protect any traffic carried over IP, unlike other encryption
which generally protects only a particular higher-level protocol
—PGP for mail, SSH for
remote login, SSL for Web work, and so on.