Cisco 3DES Скачать руководство пользователя | Manualshive

Страница: 7 / 23

background image

DES/3DES/AES VPN Encryption Module (AIM-VPN/EPII, AIM-VPN/HPII, AIM-VPN/BPII Family)

clear crypto engine accelerator counter

7

Cisco IOS Release 12.3(7)T

debug crypto engine accelerator
control

Displays each control command as it is given to the crypto
engine.

debug crypto engine accelerator
packet

Displays information about each packet sent for encryption and
decryption.

show crypto engine accelerator
ring

Displays the contents of command and transmits rings for the
crypto engine.

show crypto engine accelerator
sa

-

database

Displays the active entries in the crypto engine SA database.

show crypto engine accelerator
statistic

Displays the current run-time statistics and error counters for
the crypto engine.

show crypto engine brief

Displays a summary of the configuration information for the
crypto engine.

show crypto engine configuration

Displays the version and configuration information for the
crypto engine.

show crypto engine connections

Displays a list of the current connections maintained by the
crypto engine.

Command Description

«
...
5
6
7
8
9
...
»

Содержание 3DES

Страница 1: ...o com If you do not have an account or have forgotten your username or password click Cancel at the login dialog box and follow the instructions that appear Feature History Release Modification 12 2 13 T This feature was introduced on the Cisco 2691 Cisco 3660 Cisco 3725 and Cisco 3745 12 2 15 ZJ This feature was introduced on the AIM VPN BPII on the following platforms Cisco 2610XM Cisco 2611XM C...

Страница 2: ...ore information about configuring IP refer to the Cisco IOS IP Configuration Guide Release 12 3 Choice of Encryption Module Determine which VPN encryption module to use as described in Table 1 Table 1 AIM VPN Encryption Module Support by Cisco IOS Release Platform Encryption Module Support by Cisco IOS Release 12 2 13 T 12 3 4 T 12 3 5 12 3 6 12 3 7 T Cisco 831 Software based AES Cisco 1710 Cisco ...

Страница 3: ...a If no encryption hardware is detected software is used to encrypt data Additional References The following sections provide additional references pertaining to VPN Encryption Modules Related Documents Cisco 3725 AIM VPN EPII Hardware Encryption Module AIM VPN EPII Plus Hardware Encryption Module Cisco 3660 Cisco 3745 AIM VPN HPII Hardware Encryption Module AIM VPN HPII Plus Hardware Encryption M...

Страница 4: ...ture To locate and download MIBs for selected platforms Cisco IOS releases and feature sets use Cisco MIB Locator found at the following URL http www cisco com go mibs RFCs Title 2401 2410 IPSec AH ESP 2401 2411 IPsec IKE 2401 2451 IPsec IKE AES NIST Advanced Encryption Standard and The National Institute of Standards and Technology Description Link Technical Assistance Center TAC home page contai...

Страница 5: ...eference This section documents modified commands All other commands used with this feature are documented in the Cisco IOS Release 12 3 command reference publications clear crypto engine accelerator counter crypto engine accelerator show crypto engine show crypto engine accelerator statistic show crypto engine accelerator ring show diag ...

Страница 6: ...outer 12 2 13 T This command was integrated into Cisco IOS Release 12 2 13 T and implemented for the AIM VPN EPII AIM VPN HPII on the following platforms Cisco 2691 Cisco 3660 Cisco 3725 and Cisco 3745 12 2 15 ZJ This command was implemented for the AIM VPN BPII on the following platforms Cisco 2610XM Cisco 2611XM Cisco 2620XM Cisco 2621XM Cisco 2650XM and Cisco 2651XM 12 3 4 T This command was in...

Страница 7: ...contents of command and transmits rings for the crypto engine show crypto engine accelerator sa database Displays the active entries in the crypto engine SA database show crypto engine accelerator statistic Displays the current run time statistics and error counters for the crypto engine show crypto engine brief Displays a summary of the configuration information for the crypto engine show crypto ...

Страница 8: ...nstruction from Cisco TAC personnel Examples The following example shows how to enable the router s onboard hardware accelerator for IPSec encryption This operation is normally needed only after the accelerator has been disabled for testing or debugging purposes Router config no crypto engine accel Warning all current connections will be torn down Do you want to continue yes no Release Modificatio...

Страница 9: ...hic session crypto map Creates and modifies a crypto map for a session debug crypto engine accelerator control Displays each control command as it is given to the crypto engine debug crypto engine accelerator packet Displays information about each packet sent for encryption and decryption show crypto engine accelerator ring Displays the contents of command and transmits rings for the crypto engine...

Страница 10: ... Network VPN Module crypto engine type hardware VPN Module in slot 1 Product Name AIM VPN EPII Software Serial 55AA Device ID 0014 Vendor ID 13A3 VSK revision 0 Boot version 255 DPU version 0 HSP version 2 0 0x0 PRODUCTION Time running 0 Seconds Compression Yes DES Yes 3 DES Yes AES CBC Yes 128 192 256 AES CNTR No Maximum buffer length 4096 brief Displays a summary of the configuration information...

Страница 11: ...ther the Route Switch Processor RSP the Cisco IOS crypto engine or in a second generation Versatile Interface Processor VIP2 If crypto card or ESA is listed the crypto engine is associated with an Encryption Service Adapter ESA crypto engine state The state installed indicates that a crypto engine is located in the given slot but is not configured for encryption The state dss key generated indicat...

Страница 12: ...fore decrypt 0 bytes encrypted 0 bytes decrypted 0 bytes after encrypt 0 packets decompressed 0 packets compressed 0 bytes before decomp 0 bytes before comp 0 bytes after decomp 0 bytes after comp 0 packets bypass decompr 0 packets bypass compres 0 bytes bypass decompres 0 bytes bypass compressi 0 packets not decompress 0 packets not compressed 0 bytes not decompressed 0 bytes not compressed 1 0 1...

Страница 13: ...eral 0 Note Command output for plus and non plus VPN encryption modules is identical Table 3 describes significant fields shown in the display Table 3 show crypto engine accelerator statistic Field Descriptions Counter Description packets in Number of packets passed to the VPN module for either encryption or decryption packets out Number of packets returned from the VPN module to IPSEC This would ...

Страница 14: ... algorithm because they were too short bytes bypass decompres The Number of bytes in the payload that correspond to the number of bytes in packets bypass decompression bytes bypass compressi Number of bytes in the packets that were not compressed by the originating router because they were too short packets not decompress Number of bytes in the packets that were not decompressed by the compression...

Страница 15: ...ar of counters Interrupts 142719745 Immed 3 HiPri ints 142696635 LoPri ints 27507 POST Errs 0 Alerts 1 Unk Cmds 0 UnexpCmds 0 cgx_cmd_pending 0 packet_loop_max 0 packet_loop_limit 0 Table 4 describes significant fields shown in the display Table 4 show crypto engine accelerator statistic Compression Statistics Descriptions for a Cisco 2600 Cisco 3600 or Cisco 3700 VPN module Count Label Significan...

Страница 16: ...queue full fw_resource_lock Flow was deleted by IPSEC while VPN Module was processing the packet or packet has a NULL Local Address or packet does not have room for encapsulation headers 4104 resource swamp lotx_full_err Not used in Cisco 2600 3600 VPN 4354 null ip null_ip_error Not used in Cisco 2600 3600 VPN pad_size_error Unable to remove pad bytes in packet 4612 pad size error out_bound_dh_acc...

Страница 17: ... large to be handled It has more particles than the VPN Module can physically handle 6144 pak too large pak_mp_length_spec_fa ult Packet received for encryption decryption that is larger than the VPN Module MTU size or a packet is smaller than its encapsulation 4102 pkt spec fault tx_lo_queue_size_max Not used in Cisco 2600 3600 VPN cmd_unimplemented A command unsupported by the VPN hardware was p...

Страница 18: ...amic map Creates a dynamic map crypto configuration for a session crypto engine accelerator Enables the use of the onboard hardware accelerator for IPSec encryption crypto ipsec Defines the IPSec security associations and transformation sets crypto isakmp Enables and defines the IKE protocol and its parameters crypto key Generates and exchanges keys for a cryptographic session crypto map Creates a...

Страница 19: ... 10 tail 10 source ring head 10 tail 10 control Optional Displays the number of control commands that are queued for execution by the hardware accelerator crypto engine packet Optional Displays the contents and status information for the transmit packet rings that are used by the hardware accelerator crypto engine pool Optional Displays the contents and status information for the receive packet ri...

Страница 20: ...IPSec security associations and transformation sets crypto isakmp Enables and defines the IKE protocol and its parameters crypto key Generates and exchanges keys for a cryptographic session crypto map Creates and modifies a crypto map for a session debug crypto engine accelerator control Displays each control command as it is given to the crypto engine debug crypto engine accelerator packet Displa...

Страница 21: ...Board Revision A0 Deviation Number 0 0 Fab Version 02 PCB Serial Number JAB9801ABCD RMA Test History 00 RMA Number 0 0 0 0 RMA History 00 EEPROM format version 4 slot Optional Slot number of the interface Release Modification 11 1 CA This command was introduced 11 2 P This command was modified to update the example for PA 12E 2FE port adapter PA E3 port adapter and PA T3 port adapter 11 3 XA This ...

Страница 22: ...umber signifying a minor revision of the Cisco uBR7200 series port adapter C2611 2E Mainboard Port adapter 2 ports Line card type number of ports available Deviation Number Revision number signifying a minor deviation of the port adapter EEPROM contents hex Dumps of EEPROM programmed data EEPROM format version Version number of the EEPROM format Hardware Revision Version number of the Cisco 2611 s...

Страница 23: ...y Copyright 2004 Cisco Systems Inc All rights reserved CCVP the Cisco logo and Welcome to the Human Network are trademarks of Cisco Systems Inc Changing the Way We Work Live Play and Learn is a service mark of Cisco Systems Inc and Access Registrar Aironet Catalyst CCDA CCDP CCIE CCIP CCNA CCNP CCSP Cisco the Cisco Certified Internetwork Expert logo Cisco IOS Cisco Press Cisco Systems Cisco System...

Отзывы:

Нет отзывов

Похожие инструкции для 3DES

Бренд: Panasonic Страницы: 24

Бренд: Panasonic Страницы: 2

BB-HCM381A - Network Camera

Бренд: Panasonic Страницы: 28

BB-HCM381A - Network Camera

Бренд: Panasonic Страницы: 2

Бренд: Wave wifi Страницы: 2

grandMA2 Series

Бренд: MA lighting Страницы: 36

Бренд: PaloAlto Networks Страницы: 2

FrameSaver 9120

Бренд: Paradyne Страницы: 2

Бренд: YASKAWA Страницы: 68

PARTNER Voice Messaging PC Card Release 2

Бренд: Lucent Technologies Страницы: 67

Бренд: Grizzly Страницы: 9

Бренд: Caton Страницы: 18

Бренд: BHU NETWORKS Страницы: 75

REJ06B0734-0100

Бренд: Renesas Страницы: 19

Бренд: Kontron Страницы: 62

Бренд: Supermicro Страницы: 131

Бренд: Advantech Страницы: 66

Бренд: LUX LUMEN Страницы: 41

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды