show crypto sa with module VAM2+ module

Unanswered Question
Feb 21st, 2008
User Badges:

HI,


On a Cisco router 7206VXR with a modul VAM2+, I'd like to know what is the signification of the value of VAM2+ in the "show crypto sa".


The example is below




Cerise#sh crypto ipsec sa


interface: Tunnel1

Crypto map tag: Tunnel1-head-0, local addr 10.254.101.1


protected vrf: (none)

local ident (addr/mask/prot/port): (10.254.101.1/255.255.255.255/47/0)

remote ident (addr/mask/prot/port): (10.254.101.2/255.255.255.255/47/0)

current_peer 10.254.101.2 port 500

PERMIT, flags={origin_is_acl,}

#pkts encaps: 2832, #pkts encrypt: 2832, #pkts digest: 2832

#pkts decaps: 2832, #pkts decrypt: 2832, #pkts verify: 2832

#pkts compressed: 2783, #pkts decompressed: 2783

#pkts not compressed: 49, #pkts compr. failed: 0

#pkts not decompressed: 49, #pkts decompress failed: 0

#send errors 0, #recv errors 0


local crypto endpt.: 10.254.101.1, remote crypto endpt.: 10.254.101.2

path mtu 1476, ip mtu 1476, ip mtu idb Tunnel0

current outbound spi: 0xFDA14883(4255205507)


inbound esp sas:

spi: 0x4950D1CB(1230033355)

transform: esp-256-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2009, flow_id: VAM2+:9, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/443)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE


inbound ah sas:


inbound pcp sas:

spi: 0xB30E(45838)

transform: comp-lzs ,

in use settings ={Tunnel, }

conn id: 2009, flow_id: VAM2+:9, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/442)

replay detection support: Y

Status: ACTIVE


outbound esp sas:

spi: 0xFDA14883(4255205507)

transform: esp-256-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2010, flow_id: VAM2+:10, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/442)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE


outbound ah sas:


outbound pcp sas:

spi: 0xAA11(43537)

transform: comp-lzs ,

in use settings ={Tunnel, }

conn id: 2010, flow_id: VAM2+:10, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/441)

replay detection support: Y

Status: ACTIVE

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion