195.0.1.100:500 195.0.1.200:500 1687 DONE 0xacf3acd1b3555b6a 0x0af9edbc95622869
195.0.2.100:500 195.0.2.200:500 1688 DONE 0x3153379b32d8c936 0x17f5d77f9badc3cf
195.0.2.100:500 195.0.2.200:500 1688 DONE 0x6573dcbc9bf31fae 0x7af8b4d13078b463
195.0.3.100:500 195.0.3.200:500 1685 DONE 0xdc7df648fcac375a 0x0346752d2881d5c5
195.0.3.100:500 195.0.3.200:500 1685 DONE 0xe776e9ffb6678635 0x8de857af1c681874
195.0.4.100:500 195.0.4.200:500 1690 DONE 0x16410d890500e94e 0xbd47831b55e81c27
•
See show ipsec ike-sa.
•
See show ike sa.
show ipsec lifetime
Use to display the configured IPSec default lifetime.
•
•
Example
host1#
show ipsec lifetime
Default lifetime in seconds is '7200'.
Default lifetime in kilobytes is '4294967295'.
•
See show ipsec lifetime.
show ipsec local-endpoint
•
Use to display the address and transport virtual router of local endpoints.
•
To display the local endpoint of a specific transport virtual router, include the virtual
router name.
•
Example
host1#
show ipsec local-endpoint transport-virtual-router default
Local endpoint for transport-virtual-router default is '0.0.0.0'.
•
See show ipsec local-endpoint.
show ipsec option
Use to display the status, enabled or disabled, of IPSec options configured on the
current virtual router. Information is displayed for the following options:
•
•
Dead peer detection (DPD)
•
Network Address Translation Traversal (NAT-T). For information about configuring
and monitoring NAT-T on L2TP/IPSec tunnels, see “Securing L2TP and IP Tunnels
with IPSec” on page 275.
•
Transmission of invalid cookie notification in ISAKMP messages to peers
•
Example
host1:vrA#
show ipsec option
IPsec options:
Dead Peer Detection: disabled
NAT Traversal : enabled
TX Invalid Cookie : disabled
•
See show ipsec option.
163
Copyright © 2010, Juniper Networks, Inc.
Chapter 5: Configuring IPSec
Summary of Contents for JUNOSE 11.2.X IP SERVICES
Page 6: ...Copyright 2010 Juniper Networks Inc vi...
Page 8: ...Copyright 2010 Juniper Networks Inc viii JunosE 11 2 x IP Services Configuration Guide...
Page 18: ...Copyright 2010 Juniper Networks Inc xviii JunosE 11 2 x IP Services Configuration Guide...
Page 22: ...Copyright 2010 Juniper Networks Inc xxii JunosE 11 2 x IP Services Configuration Guide...
Page 28: ...Copyright 2010 Juniper Networks Inc 2 JunosE 11 2 x IP Services Configuration Guide...
Page 116: ...Copyright 2010 Juniper Networks Inc 90 JunosE 11 2 x IP Services Configuration Guide...
Page 144: ...Copyright 2010 Juniper Networks Inc 118 JunosE 11 2 x IP Services Configuration Guide...
Page 230: ...Copyright 2010 Juniper Networks Inc 204 JunosE 11 2 x IP Services Configuration Guide...
Page 262: ...Copyright 2010 Juniper Networks Inc 236 JunosE 11 2 x IP Services Configuration Guide...
Page 294: ...Copyright 2010 Juniper Networks Inc 268 JunosE 11 2 x IP Services Configuration Guide...
Page 328: ...Copyright 2010 Juniper Networks Inc 302 JunosE 11 2 x IP Services Configuration Guide...
Page 345: ...PART 2 Index Index on page 321 319 Copyright 2010 Juniper Networks Inc...
Page 346: ...Copyright 2010 Juniper Networks Inc 320 JunosE 11 2 x IP Services Configuration Guide...
Page 356: ...Copyright 2010 Juniper Networks Inc 330 JunosE 11 2 x IP Services Configuration Guide...