beautypg.com

Configuring snmp notifications for ipsec, Displaying and maintaining ipsec – H3C Technologies H3C S6300 Series Switches User Manual

Page 252

background image

237

Configuring SNMP notifications for IPsec

After you enable SNMP notifications for IPsec, the IPsec module notifies the NMS of important module
events. The notifications are sent to the device's SNMP module. You can configure the notification

transmission parameters for the SNMP module to specify how the SNMP module displays notifications.

For more information about SNMP notifications, see Network Management and Monitoring

Configuration Guide.
To generate and output SNMP notifications for IPsec for a specific failure or event type, enable SNMP

notifications for IPsec globally and for the specified failure or event type.
To configure SNMP notifications for IPsec:

Step Command

Remarks

1.

Enter system view

system-view

N/A

2.

Enable SNMP notifications

for IPsec globally.

snmp-agent trap enable ipsec global

By default, SNMP notifications for
IPsec are disabled.

3.

Enable SNMP notifications
for the specified failure or

event type.

snmp-agent trap enable ipsec
[ auth-failure | decrypt-failure |

encrypt-failure | invalid-sa-failure |

no-sa-failure | policy-add |
policy-attach | policy-delete |

policy-detach | tunnel-start |

tunnel-stop ] *

By default, SNMP notifications for
all failure and event types are
disabled.

Displaying and maintaining IPsec

Execute display commands in any view and reset commands in user view.

Task Command

Display IPsec policy information.

display ipsec { ipv6-policy | policy } [ policy-name
[ seq-number ] ]

Display IPsec policy template information.

display ipsec { ipv6-policy-template | policy-template }

[ template-name [ seq-number ] ]

Display IPsec profile information.

display ipsec profile [ profile-name ]

Display IPsec transform set information.

display ipsec transform-set [ transform-set-name ]

Display IPsec SA information.

display ipsec sa [ brief | count | interface interface-type
interface-number | { ipv6-policy | policy } policy-name

[ seq-number ] | profile policy-name | remote [ ipv6 ]

ip-address ]

Display IPsec statistics.

display ipsec statistics [ tunnel-id tunnel-id ]

Display IPsec tunnel information.

display ipsec tunnel { brief | count | tunnel-id tunnel-id }

Clear IPsec SAs.

reset ipsec sa [ { ipv6-policy | policy } policy-name
[ seq-number ] | profile policy-name | remote

{ ipv4-address | ipv6 ipv6-address } | spi { ipv4-address |

ipv6 ipv6-address } { ah | esp } spi-num ]

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: