show crypto sa with module VAM2+ module

Unanswered Question
Feb 21st, 2008

HI,

On a Cisco router 7206VXR with a modul VAM2+, I'd like to know what is the signification of the value of VAM2+ in the "show crypto sa".

The example is below

Cerise#sh crypto ipsec sa

interface: Tunnel1

Crypto map tag: Tunnel1-head-0, local addr 10.254.101.1

protected vrf: (none)

local ident (addr/mask/prot/port): (10.254.101.1/255.255.255.255/47/0)

remote ident (addr/mask/prot/port): (10.254.101.2/255.255.255.255/47/0)

current_peer 10.254.101.2 port 500

PERMIT, flags={origin_is_acl,}

#pkts encaps: 2832, #pkts encrypt: 2832, #pkts digest: 2832

#pkts decaps: 2832, #pkts decrypt: 2832, #pkts verify: 2832

#pkts compressed: 2783, #pkts decompressed: 2783

#pkts not compressed: 49, #pkts compr. failed: 0

#pkts not decompressed: 49, #pkts decompress failed: 0

#send errors 0, #recv errors 0

local crypto endpt.: 10.254.101.1, remote crypto endpt.: 10.254.101.2

path mtu 1476, ip mtu 1476, ip mtu idb Tunnel0

current outbound spi: 0xFDA14883(4255205507)

inbound esp sas:

spi: 0x4950D1CB(1230033355)

transform: esp-256-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2009, flow_id: VAM2+:9, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/443)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE

inbound ah sas:

inbound pcp sas:

spi: 0xB30E(45838)

transform: comp-lzs ,

in use settings ={Tunnel, }

conn id: 2009, flow_id: VAM2+:9, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/442)

replay detection support: Y

Status: ACTIVE

outbound esp sas:

spi: 0xFDA14883(4255205507)

transform: esp-256-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2010, flow_id: VAM2+:10, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/442)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE

outbound ah sas:

outbound pcp sas:

spi: 0xAA11(43537)

transform: comp-lzs ,

in use settings ={Tunnel, }

conn id: 2010, flow_id: VAM2+:10, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/441)

replay detection support: Y

Status: ACTIVE

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion