Reference Guide
1080 | Open Shortest Path First (OSPFv2 and OSPFv3)
www.dell.com | support.dell.com
Example
Figure 38-25. show crypto ipsec sa ipv6 Command
FTOS#show crypto ipsec policy
FTOS#show crypto ipsec sa ipv6
Interface: TenGigabitEthernet 0/0
Link Local address: fe80::201:e8ff:fe40:4d10
IPSecv6 policy name: OSPFv3-1-500
inbound ah sas
spi : 500 (0x1f4)
transform : ah-md5-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
outbound ah sas
spi : 500 (0x1f4)
transform : ah-md5-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
inbound esp sas
outbound esp sas
Interface: TenGigabitEthernet 0/1
Link Local address: fe80::201:e8ff:fe40:4d11
IPSecv6 policy name: OSPFv3-1-600
inbound ah sas
outbound ah sas
inbound esp sas
spi : 600 (0x258)
transform : esp-des esp-sha1-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
outbound esp sas
spi : 600 (0x258)
transform : esp-des esp-sha1-hmac
in use settings : {Transport, }
replay detection support : N
STATUS : ACTIVE
Table 38-17. show crypto ipsec sa ipv6 Command Fields
Field Description
Interface IPv6 interface
Link local address IPv6 address of interface
IPSecv6 policy name Name of the IPsec security policy applied to the interface.
inbound/outbound ah Authentication policy applied to inbound or outbound traffic.
inbound/outbound esp Encryption policy applied to inbound or outbound traffic.
spi Security policy index number used to identify the policy.
transform Security algorithm that is used to provide authentication, integrity, and confidentiality.
in use settings Transform that the SA uses (only transport mode is supported).
replay detection support Y: An SA has enabled the replay detection feature.
N: The replay detection feature is not enabled.
STATUS ACTIVE: The authentication or encryption policy is enabled on the interface.