Showing ipsec policy – Brocade Multi-Service IronWare Routing Configuration Guide (Supporting R05.6.00) User Manual

Page 722

Advertising
background image

694

Multi-Service IronWare Routing Configuration Guide

53-1003033-02

Displaying OSPFv3 information

Syntax: show ipsec sa

Showing IPsec policy

The show ipsec policy command displays the database for the IPsec security policies. The fields for
this show command output appear in the screen output example that follows. However, you should
understand the layout and column headings for the display before trying to interpret the
information in the example screen.

Each policy entry consists of two categories of information:

The policy information

The SA used by the policy

The policy information line in the screen begins with the heading Ptype and also has the headings
Dir, Proto, Source (Prefix:TCP.UDP Port), and Destination (Prefix:TCP/UDPPort). The SA line contains
the SPDID, direction, encapsulation (always ESP in the current release), the user-specified SPI, For
readability, the policy information is described in

Table 146

, and SA-specific information is in

Table 147

.

Syntax: show ipsec policy

This command takes no parameters.

TABLE 146

IPsec policy information

This field...

Displays...

PType

This field contains the policy type. Of the existing policy types, only the “use” policy
type is supported, so each entry can have only “use.”

Dir

The direction of traffic flow to which the IPsec policy is applied. Each direction has its
own entry.

Brocade#show ipsec policy

IPSEC Security Policy Database(Entries:8)

PType Dir Proto Source(Prefix:TCP/UDP Port)

Destination(Prefix:TCP/UDPPort)

SA: SPDID(vrf:if) Dir Encap SPI Destination

use in OSPF FE80::/10:any

::/0:any

SA: 2:e1/2 in ESP 302 FE80::

use out OSPF FE80::/10:any

::/0:any

SA: 2:e1/2 out ESP 302 ::

use in OSPF FE80::/10:any

::/0:any

SA: 1:e1/1 in ESP 302 FE80::

use out OSPF FE80::/10:any

::/0:any

SA: 1:e1/1 out ESP 302 ::

use in OSPF 2001:db8:1:1::1/128:any

2001:db8:1:1::2/128:any

SA: 1:ALL in ESP 512 2001:db8:1:1::2

use out OSPF 2001:db8:1:1::2/128:any

2001:db8:1:1::1/128:any

SA: 1:e1/1 out ESP 512 2001:db8:1:1::1

Advertising
Popular Brands
Popular manuals