Cisco Cisco ASA 5510 Adaptive Security Appliance Leaflet

Cisco ASA Series 명령 참조, S 명령      

5장      show crashinfo through show curpriv 명령

예

글로벌 컨피그레이션 모드에서 입력된 다음 예에서는 SA 데이터베이스에 대한 자세한 정보를 표
시합니다.

ciscoasa(config)# show crypto ikev2 sa detail 

IKEv2 SAs:

Session-id:1, Status:UP-ACTIVE, IKE count:1, CHILD count:1

Tunnel-id                 Local                Remote     Status         Role

671069399 

10.0.0.0/500 10.255.255.255/500      READY    INITIATOR

      Encr: AES-GCM, keysize: 256, Hash: N/A, DH Grp:20, Auth sign: PSK, Auth verify: PSK

      Life/Active Time: 86400/188 sec

      Session-id: 1

      Status Description: Negotiation done

      Local spi: 80173A0373C2D403       Remote spi: AE8AEFA1B97DBB22

      Local id: asa

      Remote id: asa1

      Local req mess id: 8              Remote req mess id: 7

      Local next mess id: 8             Remote next mess id: 7

      Local req queued: 8               Remote req queued: 7

      Local window: 1                   Remote window: 1

      DPD configured for 10 seconds, retry 2

      NAT-T is not detected  

Child sa: local selector  0.0.0.0/0 - 255.255.255.255/65535

          remote selector 0.0.0.0/0 - 255.255.255.255/65535

          ESP spi in/out: 0x242a3da5/0xe6262034  

          AH spi in/out: 0x0/0x0  

          CPI in/out: 0x0/0x0  

          Encr: AES-GCM, keysize: 128, esp_hmac: N/A

          ah_hmac: None, comp: IPCOMP_NONE, mode tunnel

관련 명령

명령

설명

IKEv1 런타임 SA 데이터베이스를 표시합니다.

모든 활성 ISAKMP 컨피그레이션을 표시합니다.