Panasonic 8000 User Manual

Page 99

Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".

background image

2 IPSec and IKE troubleshooting

Nortel Secure Router 8000 Series

_________ Troubleshooting - VAS

Using local-address: {}

Using interface: {Ethernet0/2/0}

IPsec policy name: "map1"

sequence number: 10

mode: manual

securi^ty data flow : 3101

tunnel local address:

tunnel remote address : 202.38 .162 .1

proposal name:t^ran!

inbound AH sett^ing:

AH spi^:

AH string-key:

AH authentication hex key:

inbound ESP set^ting:

ESP spi^: 54321 (0xd431)

ESP string-key: gfedcba

ESP encryption hex key:

ESP authentication hex key:

outbound AH setting:

AH spi^:

AH string-key:

AH authentication hex key:

outbound ESP setting:

ESP spi^: 12345 (0x3039)

ESP string-key: abcdefg

ESP encryption hex key:

ESP authentication hex key:

Using interface: {Ethernet0/2/0}

The display indicates the interface that uses the IPSec policy group.

You can use the ipsec policy command to change the interface that uses IPSec policies.

mode: manual

The display indicates two IPSec policy modes: manual mode and ISAKMP mode.

You can use the ipsec policy

polic^-nawe seq-number

{ manual | isakmp } command to

configure IPSec policies.

securi^ty data flow : 3101

The display indicates the ACL used in the IPSec policy.

You can use the security acl command to modify the configuration.

tunnel local address:

The display indicates the local address of IPSec tunnel. This address is the address of the
interface that uses the IPSec policy group.

tunnel remote address:

The display indicates the IP address of the remote end on the IPSec tunnel. You need to
configure this address only for the manually set up IPSec SA.

You can use the tunnel remote command to modify the configuration.


Nortel Networks Inc.

Issue 01.01 (30 March 2009)