Command Reference Guide
3Com Router 5000 Family and Router 6000 Family display ipsec policy ● 91
Command Reference
security data flow : 100
selector mode: per-session
tunnel remote address: 162.105.10.2
PFS (Y/N): N
proposal name: prop1
ipsec sa local duration(time based): 3600 seconds
ipsec sa local duration(traffic based): 1843200 kilobytes
===========================================
IPsec Policy Group: "policy_man"
Using interface: {Ethernet1/0/1}
===========================================
-----------------------------------------
IPsec policy name: "policy_man"
sequence number: 10
mode: manual
-----------------------------------------
security data flow : 100
tunnel local address: 162.105.10.1
tunnel remote address: 162.105.10.2
proposal name: prop1
inbound ah setting:
ah spi: 12345 (0x3039)
ah string-key:
ah authentication hex key :
1234567890123456789012345678901234567890
inbound esp setting:
esp spi: 23456 (0x5ba0)
esp string-key:
esp encryption hex key:
1234567890abcdef1234567890abcdef1234567812345678
esp authentication hex key: 1234567890abcdef1234567890abcdef
outbound ah setting:
ah spi: 54321 (0xd431)
ah string-key:
ah authentication hex key:
1122334455667788990011223344556677889900
outbound esp setting:
esp spi: 65432 (0xff98)
esp string-key:
esp encryption hex key:
11223344556677889900aabbccddeeff1234567812345678
esp authentication hex key: 11223344556677889900aabbccddeeff
View This command can be used in the following views:
■ Any view
Table 2 Detailed information of IPSec ipsec policy
Item Description
ipsec policy Name, sequence number and negotiation method of an ipsec policy
security data flow Access control list used by an ipsec policy
selector mode Data stream protection mode
proposal name Name of the proposal used by an ipsec policy
inbound/outbound
ah/esp setting
Settings of inbound/outbound ends using AH/ESP, including SPI and
key
tunnel Local Address Local IP address
tunnel Remote Address Remote IP address
PFS (Y/N) Whether using PFS(Perfect Forward Security) or not