1. Show p1 sa
root> show security ike sa
Index State Initiator cookie Responder cookie Mode Remote Address
140251 UP 0ae9859f01bd1b30 63df09b48848d960 IKEv2 203.0.113.1
root>
root> show security ike sa 203.0.113.1 detail
IKE peer 203.0.113.1, Index 140251, Gateway Name: ASA
Role: Initiator, State: UP
Initiator cookie: 0ae9859f01bd1b30, Responder cookie: 63df09b48848d960
Exchange type: IKEv2, Authentication method: Pre-shared-keys
Local: 203.0.113.2:500, Remote: 203.0.113.1:500
Lifetime: Expires in 17712 seconds
Peer ike-id: 203.0.113.1
Xauth assigned IP: 0.0.0.0
Algorithms:
Authentication : hmac-sha256-128
Encryption : aes256-cbc
Pseudo random function: hmac-sha256
Diffie-Hellman group : DH-group-14
Traffic statistics:
Input bytes : 549136
Output bytes : 549040
Input packets: 6848
Output packets: 6848
Flags: IKE SA is created
IPSec security associations: 6 created, 0 deleted
Phase 2 negotiations in progress: 0
Negotiation type: Quick mode, Role: Initiator, Message ID: 0
Local: 203.0.113.2:500, Remote: 203.0.113.1:500
Local identity: 203.0.113.2
Remote identity: 203.0.113.1
Flags: IKE SA is created
2. Show p2 sa
show security ipsec sa | match 203.0.113.1
show security ipsec sa index 131073
show security ipsec sa vpn-name ASA-VPN detail
root> show security ike sa
Index State Initiator cookie Responder cookie Mode Remote Address
140251 UP 0ae9859f01bd1b30 63df09b48848d960 IKEv2 203.0.113.1
root>
root> show security ike sa 203.0.113.1 detail
IKE peer 203.0.113.1, Index 140251, Gateway Name: ASA
Role: Initiator, State: UP
Initiator cookie: 0ae9859f01bd1b30, Responder cookie: 63df09b48848d960
Exchange type: IKEv2, Authentication method: Pre-shared-keys
Local: 203.0.113.2:500, Remote: 203.0.113.1:500
Lifetime: Expires in 17712 seconds
Peer ike-id: 203.0.113.1
Xauth assigned IP: 0.0.0.0
Algorithms:
Authentication : hmac-sha256-128
Encryption : aes256-cbc
Pseudo random function: hmac-sha256
Diffie-Hellman group : DH-group-14
Traffic statistics:
Input bytes : 549136
Output bytes : 549040
Input packets: 6848
Output packets: 6848
Flags: IKE SA is created
IPSec security associations: 6 created, 0 deleted
Phase 2 negotiations in progress: 0
Negotiation type: Quick mode, Role: Initiator, Message ID: 0
Local: 203.0.113.2:500, Remote: 203.0.113.1:500
Local identity: 203.0.113.2
Remote identity: 203.0.113.1
Flags: IKE SA is created
2. Show p2 sa
show security ipsec sa | match 203.0.113.1
show security ipsec sa index 131073
show security ipsec sa vpn-name ASA-VPN detail
Comments
Post a Comment