Cisco Cisco ASA 5580 Adaptive Security Appliance Leaflet
5-37
思科 ASA 系列命令参考,S 命令
第 5 章 show crashinfo 至 show curpriv 命令
show crypto ikev2 sa
Tunnel-id Local Remote Status Role
671069399
10.0.0.0/500 10.255.255.255/500 READY INITIATOR
Encr: AES-GCM, keysize: 256, Hash: N/A, DH Grp:20, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/188 sec
Session-id: 1
Status Description: Negotiation done
Local spi: 80173A0373C2D403 Remote spi: AE8AEFA1B97DBB22
Local id: asa
Remote id: asa1
Local req mess id: 8 Remote req mess id: 7
Local next mess id: 8 Remote next mess id: 7
Local req queued: 8 Remote req queued: 7
Local window: 1 Remote window: 1
DPD configured for 10 seconds, retry 2
NAT-T is not detected
Child sa: local selector 0.0.0.0/0 - 255.255.255.255/65535
remote selector 0.0.0.0/0 - 255.255.255.255/65535
ESP spi in/out: 0x242a3da5/0xe6262034
AH spi in/out: 0x0/0x0
CPI in/out: 0x0/0x0
Encr: AES-GCM, keysize: 128, esp_hmac: N/A
ah_hmac: None, comp: IPCOMP_NONE, mode tunnel
相关命令
命令
说明
show crypto ikev1 sa
显示
IKEv1 运行时 SA 数据库。
show running-config
crypto isakmp
crypto isakmp
显示所有活动的
ISAKMP 配置。