Command Reference Guide
3Com Router 5000 Family and Router 6000 Family display ipsec sa ● 97
Command Reference
Interface: Ethernet1/0/0
path MTU: 1500
===============================
----------------------------------
IPsec policy name: "policy_isakmp"
sequence number: 10
mode: isakmp
----------------------------------
connection id: 4
in use settings = {tunnel}
tunnel local : 162.105.10.1
tunnel remote : 162.105.10.2
[inbound ah SAs]
spi: 3752719292 (0xdfadf3bc)
transform: AH-SHA1HMAC96
sa remaining key duration (bytes/sec): (1887436384/3594)
max received sequence-number: 4
[inbound esp SAs]
spi: 74180629 (0x46be815)
transform: ESP-ENCRYPT-3DES ESP-AUTH-MD5
sa remaining key duration (bytes/sec): (1887436528/3594)
max received sequence-number: 4
[outbound esp SAs]
spi: 1394075637 (0x5317e7f5)
transform: ESP-ENCRYPT-3DES ESP-AUTH-MD5
sa remaining key duration (bytes/sec): (1887436464/3594)
max sent sequence-number: 5
[outbound ah SAs]
spi: 2132905296 (0x7f218d50)
transform: AH-SHA1HMAC96
sa remaining key duration (bytes/sec): (1887436336/3594)
max sent sequence-number: 5
View This command can be used in the following views:
■ Any view
Table 2 Detailed information of IPSec SA
Item Description
Interface Interface using ipsec policy
path MTU Maximum IP packet length sent from the interface
ipsec policy ipsec policy used, including name, sequence number and
negotiation method
connection id security tunnel identifier
in use settings IPSec mode, including two types: transport mode and tunnel mode
tunnel local local IP address
tunnel remote remote IP address
inbound SA information of the inbound end
transform proposal used by the ipsec policy
sa remaining key
duration
rest sa duration of SA
max received
sequence-number
maximum sequence number of the received packets (the anti-replay
function provided by the security protocol)
outbound SA information of the outbound end
max sent
sequence-number
maximum sequence number of the sent packets (the anti-replay
function provided by the security protocol)