Ipsec display commands, Ipsec display, Commands – Dell POWEREDGE M1000E User Manual

Page 478: Section

Advertising
background image

446

Fabric OS Command Reference

53-1001764-02

ipSecConfig

2

IPSec display commands
To display the IPSec IKE Policy:

switch:admin>

ipsecconfig --show policy ike -a

IKE-01 version:ikev2 remote:10.33.69.132

local-id:10.33.74.13 remote-id:10.33.69.132

encryption algorithm: 3des_cbc

hash algorithm: hmac_md5

prf algorithm: hmac_md5

dh group: 2 1

auth method:rsasig

public-key:"/etc/fabos/certs/sw0/thawkcert.pem"

private-key:"/etc/fabos/certs/sw0/thawkkey.pem"

peer-public-key:"/etc/fabos/certs/sw0/spiritcert.pem

To display the outbound and inbound SAs in the kernel SA database:

switch:admin>

ipsecconfig --show manual-sa -a

10.33.69.132[0] 10.33.74.13[0]

ah mode=transport spi=34560190(0x020f58be) reqid=0(0x00000000)

A: hmac-md5 7e5aeb47 e0433649 c1373625 34a64ece

seq=0x00000000 replay=32 flags=0x00000000 state=mature

created: Oct 15 23:34:55 2008 current: Oct 15 23:35:06 2008

diff: 11(s) hard: 2621440(s) soft: 2100388(s)

last: Oct 15 23:34:56 2008 hard: 0(s) soft: 0(s)

current: 256(bytes) hard: 0(bytes) soft: 0(bytes)

allocated: 4 hard: 0 soft: 0

sadb_seq=1 pid=10954 refcnt=0

10.33.74.13[0] 10.33.69.132[0]

ah mode=transport spi=48095089(0x02dddf71) reqid=0(0x00000000)

A: hmac-md5 c84d27e5 960d116c bf7c0e4a b232c49e

seq=0x00000000 replay=32 flags=0x00000000 state=mature

created: Oct 15 23:34:55 2008 current: Oct 15 23:35:06 2008

diff: 11(s) hard: 2621440(s) soft: 2137448(s)

last: Oct 15 23:34:55 2008 hard: 0(s) soft: 0(s)

current: 540(bytes) hard: 0(bytes) soft: 0(bytes)

allocated: 5 hard: 0 soft: 0

sadb_seq=0 pid=10954 refcnt=0

To display a specified IPSec SA:

switch:admin>

ipsecconfig --show policy ips sa -t sa-esp-1

sa-esp-1 ipsec-protocol:esp

encryption

algorithm:

aes128_cbc

3des_cbc

authentication

algorithm:

hmac_sha1

hmac_md5

To display all IPSec SA proposals:

switch:admin>

ipsecconfig --show policy ips sa-proposal -a

ipsec-esp-a-b SA(s) used:sa-esp-1 sa-ah-1

lifetime

in

seconds:infinite

lifetime

in

bytes:infinite

ipsec-esp-def SA(s) used:sa-esp-1

lifetime

in

seconds:infinite

lifetime

in

bytes:infinite

Advertising
Popular Brands
Popular manuals