Date: Thu, 28 Mar 2024 14:48:05 +0000 (GMT) Message-ID: <942930364.1624.1711637285518@a2be6a7a0dbc> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_1623_1205393401.1711637285517" ------=_Part_1623_1205393401.1711637285517 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
IPsec is used to open an encrypted tunnel between 2 nodes.
We use it for remote offices access over unsecure networks.
#> show security ike security-associations
node0:
-----------= ---------------------------------------------------------------
Index St= ate Initiator cookie Responder cookie Mode Remote Address
3844846 UP 8db= d93d0cc99fd49 b100412715f614eb Main 10.20.54.255
#> show security ipsec security-associations
node0:
---------= -----------------------------------------------------------------
Total = active tunnels: 1 Total Ipsec sas: 2
ID Algorithm SPI Life:sec/kb Mon ls= ys Port Gateway
<131073 ESP:aes-cbc-256/sha256 4ec70ecf 3184/ unlim -= root 500 10.20.54.255
>131073 ESP:aes-cbc-256/sha256 19cad505 3184/ = unlim - root 500 10.20.54.255
<131073 ESP:aes-cbc-256/sha256 663c944f= 3192/ unlim - root 500 10.20.54.255
>131073 ESP:aes-cbc-256/sha256 3= e638bf3 3192/ unlim - root 500 10.20.54.255
#> show security ipsec statistics
node0:
--------------------= ------------------------------------------------------
ESP Statistic= s:
Encrypted bytes: 64366130192
Decrypted bytes: 22801202965
Encry= pted packets: 114170364
Decrypted packets: 54108301
AH Statistics:
Input bytes: 0
Output bytes: 0
Input packets: 0
Output packets: 0=
Errors:
AH authentication failures: 0, Replay errors: 0
ESP authe= ntication failures: 0, ESP decryption failures: 0
Bad headers: 0, Bad tr= ailers: 0
node1:
------------------------------------------------= --------------------------
ESP Statistics:
Encrypted bytes: 50263= 2
Decrypted bytes: 221067
Encrypted packets: 1770
Decrypted packet= s: 779
AH Statistics:
Input bytes: 0
Output bytes: 0
Input pack= ets: 0
Output packets: 0
Errors:
AH authentication failures: 0, Re= play errors: 0
ESP authentication failures: 0, ESP decryption failures: = 0
Bad headers: 0, Bad trailers: 0