Reference Guide
700 | Open Shortest Path First (OSPFv2 and OSPFv3)
www.dell.com | support.dell.com
Transform set : ah-md5-hmac
Crypto IPSec client security policy data
Policy name : OSPFv3-0-501
Policy refcount : 1
Inbound ESP SPI : 501 (0x1F5)
Outbound ESP SPI : 501 (0x1F5)
Inbound ESP Auth Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba8ed8bb5efe91e97eb7c0c30808825fb5
Outbound ESP Auth Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba8ed8bb5efe91e97eb7c0c30808825fb5
Inbound ESP Cipher Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba10345a1039ba8f8a
Outbound ESP Cipher Key :
bbdd96e6eb4828e2e27bc3f9ff541e43faa759c9ef5706ba10345a1039ba8f8a
Transform set : esp-128-aes esp-sha1-hmac
To display the IPsec security associations (SAs) used on OSPFv3 interfaces, enter the following command:
FTOS#show crypto ipsec sa ipv6
Interface: TenGigabitEthernet 0/0
Link Local address: fe80::201:e8ff:fe40:4d10
IPSecv6 policy name: OSPFv3-1-500
inbound ah sas
spi : 500 (0x1f4)
transform : ah-md5-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
outbound ah sas
spi : 500 (0x1f4)
transform : ah-md5-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
Command Syntax Command Mode Usage
show crypto ipsec sa ipv6
[interface interface]
EXEC Privilege Displays security associations set up for OSPFv3 links in IPsec
authentication and encryption policies on the router.
To display information on the SAs used on a specific interface,
enter interface interface, where interface is one of the
following values:
For a 1-Gigabit Ethernet interface, enter
GigabitEthernet slot/port.
For a Port Channel interface, enter port-channel number. Valid
port-channel numbers (on an E-Series TeraScale):
1 to 255.
For a 10-Gigabit Ethernet interface, enter TenGigabitEthernet
slot/port.
For a VLAN interface, enter vlan vlan-id.
Valid VLAN IDs: 1 to 4094