When no optional keyword is used, all security associations are
displayed, sorted by interface, and then by traffic flow. Within a flow, the SAs
are listed by protocol (ESP/AH) and direction (inbound/outbound).
Rtr1#show crypto ipsec sa
interface: Serial0
Crypto map tag: testmap, local addr. 10.0.1.21
local ident (addr/mask/prot/port): (192.168.0.0/255.255.128.0/6/0)
remote ident (addr/mask/prot/port): (192.168.130.0/255.255.255.0/6/0)
current_peer: 10.0.50.2
PERMIT, flags={origin_is_acl,}
#pkts encaps: 60, #pkts encrypt: 60, #pkts digest 60
#pkts decaps: 60, #pkts decrypt: 60, #pkts verify 60
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0, #pkts decompress failed: 0
#send errors 60, #recv errors 0
local crypto endpt.: 10.0.1.21, remote crypto endpt.: 10.0.50.2
path mtu 1500, media mtu 1500
current outbound spi: 20890A6F
inbound esp sas:
spi: 0x36724AA4(913459876)
transform: ah-md5-hmac esp-md5-hmac esp-des
in use settings ={Tunnel, }
slot: 0, conn id: 58, crypto map: testmap
sa timing: remaining key lifetime (k/sec): (4607461/90)
IV size: 8 bytes
replay detection support: Y
inbound ah sas:
inbound pcp sas:
outbound esp sas:
spi: 0x338E791F(864975135)
transform: ah-md5-hmac esp-md5-hmac esp-des
in use settings ={Tunnel, }
slot: 0, conn id: 59, crypto map: testmap
sa timing: remaining key lifetime (k/sec): (4607461/90)
IV size: 8 bytes
replay detection support: Y
outbound ah sas:
outbound pcp sas:
Rtr1#
Sections
Comments (0 posted)
Syndication
