Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

show crypto sa with module VAM2+ module

HI,

On a Cisco router 7206VXR with a modul VAM2+, I'd like to know what is the signification of the value of VAM2+ in the "show crypto sa".

The example is below

Cerise#sh crypto ipsec sa

interface: Tunnel1

Crypto map tag: Tunnel1-head-0, local addr 10.254.101.1

protected vrf: (none)

local ident (addr/mask/prot/port): (10.254.101.1/255.255.255.255/47/0)

remote ident (addr/mask/prot/port): (10.254.101.2/255.255.255.255/47/0)

current_peer 10.254.101.2 port 500

PERMIT, flags={origin_is_acl,}

#pkts encaps: 2832, #pkts encrypt: 2832, #pkts digest: 2832

#pkts decaps: 2832, #pkts decrypt: 2832, #pkts verify: 2832

#pkts compressed: 2783, #pkts decompressed: 2783

#pkts not compressed: 49, #pkts compr. failed: 0

#pkts not decompressed: 49, #pkts decompress failed: 0

#send errors 0, #recv errors 0

local crypto endpt.: 10.254.101.1, remote crypto endpt.: 10.254.101.2

path mtu 1476, ip mtu 1476, ip mtu idb Tunnel0

current outbound spi: 0xFDA14883(4255205507)

inbound esp sas:

spi: 0x4950D1CB(1230033355)

transform: esp-256-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2009, flow_id: VAM2+:9, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/443)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE

inbound ah sas:

inbound pcp sas:

spi: 0xB30E(45838)

transform: comp-lzs ,

in use settings ={Tunnel, }

conn id: 2009, flow_id: VAM2+:9, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/442)

replay detection support: Y

Status: ACTIVE

outbound esp sas:

spi: 0xFDA14883(4255205507)

transform: esp-256-aes esp-sha-hmac ,

in use settings ={Tunnel, }

conn id: 2010, flow_id: VAM2+:10, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/442)

IV size: 16 bytes

replay detection support: Y

Status: ACTIVE

outbound ah sas:

outbound pcp sas:

spi: 0xAA11(43537)

transform: comp-lzs ,

in use settings ={Tunnel, }

conn id: 2010, flow_id: VAM2+:10, crypto map: Tunnel1-head-0

sa timing: remaining key lifetime (k/sec): (4446452/441)

replay detection support: Y

Status: ACTIVE

122
Views
0
Helpful
0
Replies
CreatePlease to create content