Cisco Cisco ASA 5515-X Adaptive Security Appliance 기술 매뉴얼

   SPI  : 0x8C14FD70

   MTU  : 1500 bytes

   VCID : 0x00000000

   Peer : 0x00000000

   SCB  : 0x0AC609F9

   Channel: 0x00007fffed817200

IPSEC: Completed outbound VPN context, SPI 0x8C14FD70

   VPN handle: 0x00000000000028d4

IPSEC: New outbound encrypt rule, SPI 0x8C14FD70

   Src addr: 172.16.1.2

   Src mask: 255.255.255.255

   Dst addr: 10.1.1.2

   Dst mask: 255.255.255.255

 

     Op   : equal

 

     Op   : equal

  

 

   Use protocol: true

   SPI: 0x00000000

   Use SPI: false

IPSEC: Completed outbound encrypt rule, SPI 0x8C14FD70

   Rule ID: 0x00007fffe1c763d0

IPSEC: New outbound permit rule, SPI 0x8C14FD70

   Src addr: 172.16.1.2

   Src mask: 255.255.255.255

   Dst addr: 10.1.1.2

   Dst mask: 255.255.255.255

   Src ports

     Upper: 0

     Lower: 0

     Op   : ignore

   Dst ports

     Upper: 0

     Lower: 0

     Op   : ignore

   Protocol: 50

   Use protocol: true

   SPI: 0x8C14FD70

   Use SPI: true

IPSEC: Completed outbound permit rule, SPI 0x8C14FD70

   Rule ID: 0x00007fffe1c76a00

May 18 04:17:18 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = 10.1.1.2, NP encrypt rule look up for

crypto map outside_dyn_map 10 matching ACL Unknown: returned cs_id=e148a8b0;

encrypt_rule=00000000; tunnelFlow_rule=00000000

May 18 04:17:18 [IKEv1]Group = DefaultRAGroup, IP = 10.1.1.2, Security negotiation complete for

User ()  Responder, Inbound SPI = 0x7ad72e0d, Outbound SPI = 0x8c14fd70

May 18 04:17:18 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = 10.1.1.2, IKE got a KEY_ADD msg for

SA: SPI = 0x8c14fd70

IPSEC: New embryonic SA created @ 0x00007fffe13ab260,

   SCB: 0xE1C00540,

   Direction: inbound

   SPI      : 0x7AD72E0D

   Session ID: 0x00001000

   VPIF num  : 0x00000002

   Tunnel type: ra

   Protocol   : esp

   Lifetime   : 240 seconds

IPSEC: Completed host IBSA update, SPI 0x7AD72E0D