display ipsec transform-set

Use display ipsec transform-set to display information about IPsec transform sets.

Syntax

display ipsec transform-set [ transform-set-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

transform-set-name: Specifies an IPsec transform set by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

If you do not specify an IPsec transform set, this command displays information about all IPsec transform sets.

Examples

# Display information about all IPsec transform sets.

<Sysname> display ipsec transform-set
IPsec transform set: mytransform
  State: incomplete
  Encapsulation mode: tunnel
  ESN: Enabled
  PFS:
  Transform: ESP

IPsec transform set: completeTransform
  State: complete
  Encapsulation mode: transport
  ESN: Enabled
  PFS:
  Transform: AH-ESP
  AH protocol:
    Integrity: SHA1
  ESP protocol:
    Integrity: SHA1
    Encryption: AES-CBC-128

Table 44: Command output

Field: Description

IPsec transform set: Name of the IPsec transform set.

State: Whether the IPsec transform set is complete.

Encapsulation mode: Encapsulation mode used by the IPsec transform set: transport or tunnel.

ESN: Whether Extended Sequence Number (ESN) is enabled.

PFS: Perfect Forward Secrecy (PFS) used by the IPsec policy for negotiation:

  • 768-bit Diffie-Hellman group (dh-group1).

  • 1024-bit Diffie-Hellman group (dh-group2).

  • 1536-bit Diffie-Hellman group (dh-group5).

  • 2048-bit Diffie-Hellman group (dh-group14).

  • 2048-bit and 256-bit subgroup Diffie-Hellman group (dh-group24).

  • 256-bit ECP Diffie-Hellman group (dh-group19).

  • 384-bit ECP Diffie-Hellman group (dh-group20).

Transform: Security protocols used by the IPsec transform set: AH, ESP, or both. If both protocols are configured, IPsec uses ESP before AH.

AH protocol: AH settings.

ESP protocol: ESP settings.

Integrity: Authentication algorithm used by the security protocol.

Encryption: Encryption algorithm used by the security protocol.
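
The following is an added example, not part of the original command reference: it parses the output format shown above and reports transform sets that are incomplete, have no PFS group, or use values a local baseline disallows. The names parse_transform_sets, audit, WEAK_DH and DISALLOWED_ALGS are hypothetical, the baseline values are an assumed policy, and it is assumed that a configured PFS group appears on the PFS line as one of the dh-groupN names listed in Table 44.

```python
import re
# Assumed local baseline for illustration; not taken from the command reference.
WEAK_DH = {"dh-group1", "dh-group2", "dh-group5"}
DISALLOWED_ALGS = {"SHA1"}
# Abridged from the example output above (Encapsulation mode, ESN, Transform omitted).
SAMPLE = """\
IPsec transform set: mytransform
  State: incomplete
  PFS:
IPsec transform set: completeTransform
  State: complete
  PFS:
  AH protocol:
    Integrity: SHA1
  ESP protocol:
    Integrity: SHA1
    Encryption: AES-CBC-128
"""

def parse_transform_sets(text):
    """Return {set name: {field: value}}; AH/ESP sub-fields become 'AH Integrity' etc."""
    sets, cur, proto = {}, None, ""
    for line in text.splitlines():
        key, sep, value = (p.strip() for p in line.partition(":"))
        if key == "IPsec transform set":
            cur, proto = sets.setdefault(value, {}), ""
        elif not sep or cur is None:
            continue  # prompt lines, blank lines, anything before the first set
        elif key in ("AH protocol", "ESP protocol"):
            proto = key.split()[0] + " "
        else:
            # A field indented less than four spaces ends the AH/ESP block.
            proto = proto if line.startswith("    ") else ""
            cur[proto + key] = value
    return sets

def audit(sets):
    findings = []
    for name, f in sets.items():
        if f.get("State") != "complete":
            findings.append((name, "transform set is not complete"))
        # Assumption: a configured group shows up on the PFS line as dh-groupN.
        m = re.search(r"dh-group\d+", f.get("PFS", ""))
        if not m or m.group(0) in WEAK_DH:
            findings.append((name, f"PFS uses {m.group(0)}" if m else "PFS not configured"))
        findings += [(name, f"{k} is {v}") for k, v in f.items()
                     if k.endswith(("Integrity", "Encryption")) and v in DISALLOWED_ALGS]
    return findings

if __name__ == "__main__":
    print(*audit(parse_transform_sets(SAMPLE)), sep="\n")
```
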

Related commands

ipsec transform-set