- 积分
- 95
- 鸿鹄币
- 个
- 好评度
- 点
- 精华
- 注册时间
- 2018-3-24
- 最后登录
- 1970-1-1
- 阅读权限
- 20
- 听众
- 收听
助理工程师
|
发表于 2019-6-25 15:24:59
|
显示全部楼层
本帖最后由 blk 于 2019-6-25 15:32 编辑
1 L" _5 \/ F0 t: L) J, I* t& O% v
C/ }/ v# W: \R1#show crypto isakmp sa detail
! I: s" s+ m0 S: C+ Y; jCodes: C - IKE configuration mode, D - Dead Peer Detection
. T) q8 m/ `7 u8 m' g K - Keepalives, N - NAT-traversal' F% b. f3 Q P7 Y- R# H3 r
T - cTCP encapsulation, X - IKE Extended Authentication5 N3 b+ i' i$ f
psk - Preshared key, rsig - RSA signature* g" J0 B7 w- ~1 b: o
renc - RSA encryption
# R+ u/ J; z% E0 X# zIPv4 Crypto ISAKMP SA
. m- Y9 O& L/ R; u7 k& i0 uC-id Local Remote I-VRF Status Encr Hash Auth DH Lifetime Cap.% u' r* A% c* L7 \5 ^4 b3 O& y; C& T
1001 10.1.1.1 10.1.1.2 ACTIVE 3des md5 psk 2 23:58:03
: M6 A1 h/ g4 |3 h: v Engine-id:Conn-id = SW:1
z$ c% v1 Y( \" N: L8 j( D" N/ F5 ?$ G; ?9 x6 r0 h
R1#show crypto isakmp peers ! s6 Q9 E! Q5 |( I' [+ C
Peer: 10.1.1.2 Port: 500 Local: 10.1.1.1
2 ?1 r+ G7 Z9 a8 V Phase1 id: 10.1.1.2
0 z4 {2 [' y. A% h* A
4 S0 F! m F0 ]5 y) b: |debug crypto isakmp% X5 }, s) M4 y$ h- w% a
$ `2 n& @6 i- M; z" v' R3 K5 `! wThis output shows an example of the debug crypto isakmp command.
% r7 M: L. {. `$ `" G7 `
W3 q: }9 ?0 Y2 P8 f& B processing SA payload. message ID = 0
5 H4 {. g4 H& M Checking ISAKMP transform against priority 1 policy
' r. `2 ?- y( S7 ~4 M! q- a encryption DES-CBC 2 {) r7 @+ W% ?; ?) V
hash SHA 1 l; w1 ^, Q, T* I* i1 _) J+ T
default group 2 2 Z3 T5 t6 i8 F2 ^" c: z
auth pre-share
) h! h2 y3 z* f5 Y life type in seconds
h8 P) m; G A$ i life duration (basic) of 240 3 N3 |8 i: [; @7 b1 p; w
atts are acceptable. Next payload is 0
7 t9 [ ^6 X7 B+ N1 S' w processing KE payload. message ID = 0 7 P* Y" D% M' I. O1 Y
processing NONCE payload. message ID = 0 6 p$ K) T# j. G$ P, b" Q
processing ID payload. message ID = 0
}1 m- T" c8 K4 V( c. W SKEYID state generated 7 _6 n6 x! ?! k) U+ _0 n
processing HASH payload. message ID = 0 # D. n j, O( Z
SA has been authenticated
6 f. Y; a0 {$ D& ^! z processing SA payload. message ID = 800032287
1 A; c+ a; N9 N
& E4 P& F( f9 j/ y% Y( g; `; P) ~* f$ W
- j( ^4 x/ S* c5 m! w' ~: z我想SHOW EIGRP 和 SHOW CRYPTO ISAKMP PEERS 那2個是沒有爭議的 6 m& C. I3 d9 k0 J# ~4 g) j
我相信是爭議在show crypto isakmp sa detail 和debug crypto% R* s6 y6 B% {2 ^
isakmp |
6#
2019-6-25 15:24:59
回复(0)
收起回复
|