beautypg.com

H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 381

background image

367

anti-replay check enable: Y

anti-replay window size: 32

udp encapsulation used for nat traversal: N

status: --

[outbound ESP SAs]

spi: 2945451878 (0xaf900766)

proposal: ESP-ENCRYPT-DES ESP-AUTH-SHA1

sa duration (kilobytes/sec): 1843200/3600

sa remaining duration (kilobytes/sec): 1843200/2981

max received sequence-number: 1

udp encapsulation used for nat traversal: N

status: --

# Execute the display ike sa command to display information about IKE SAs.

display ike sa

total phase-1 SAs: 1

connection-id peer flag phase doi status

-----------------------------------------------------------------------

60 133.1.1.33 RD 1 IPSEC --

61 133.1.1.33 RD 2 IPSEC --

62 133.1.1.33 RD 2 IPSEC --

flag meaning

RD--READY ST--STAYALIVE RL--REPLACED FD--FADING TO--TIMEOUT

display ike sa

total phase-1 SAs: 1

connection-id peer flag phase doi status

-----------------------------------------------------------------------

117 133.1.1.33 RD 1 IPSEC --

120 133.1.1.33 RD 2 IPSEC --

121 133.1.1.33 RD 2 IPSEC --

flag meaning

RD--READY ST--STAYALIVE RL--REPLACED FD--FADING TO--TIMEOUT

After the IKE negotiation succeeds and IPsec SAs are successfully established, control packets between
the AP and the ACs are encrypted by IPsec.

This manual is related to the following products:
See also other documents in the category H3C Technologies Routers: