display ipsec proposal

Function

The display ipsec proposal command displays information about security proposals.

Format

display ipsec proposal [ name proposal-name | brief ]

Parameters

Parameter	Description	Value
name proposal-name	Specifies the name of a security proposal.	The value is a string of 1 to 15 case-sensitive characters. Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.
brief	Specifies to display the brief information about security proposals.	-

Parameter

Description

Value

name proposal-name

Specifies the name of a security proposal.

The value is a string of 1 to 15 case-sensitive characters.

Except the question mark (?) and space. However, when quotation marks (") are used around the password, spaces are allowed in the password.

brief

Specifies to display the brief information about security proposals.

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name	Operations
ipsec	read

Usage Guidelines

Usage Scenario

IPsec ensures security using the security proposal. You can run the display ipsec proposal command to view the following information:

Name of the IPsec security proposal
Encapsulation mode defined in the security proposal
Security protocol defined in the security proposal
Authentication and encryption algorithms defined in the security proposal

Example

The actual command output varies according to the device. The command output here is only an example.

# Display detailed information about an IPsec proposal.

<HUAWEI> display ipsec proposal name p1
  IPsec proposal name: p1
    encapsulation mode: tunnel
    transform: esp-new
    ESP protocol: authentication SHA2-HMAC-256, encryption 192-AES
    applied to policy: pol1-1-isakmp

# Display brief information about an IPsec proposal.

<HUAWEI> display ipsec proposal brief
current ipsec proposal number: 1
-----------------------------------------------------
Proposal Name      Encapsulation Mode      Transform 
-----------------------------------------------------
 1                 tunnel                  esp-new

# Display information about all security proposals.

<HUAWEI> display ipsec proposal
  Total IPsec proposal number: 2

  IPsec proposal name: p2
    encapsulation mode: transport
    transform: esp-new
    ESP protocol: authentication SHA2-HMAC-256, encryption 256-aes

  IPsec proposal name: p4
    encapsulation mode: tunnel
    transform: ah-new
    AH protocol: authentication SHA2-HMAC-256

**Table 1** Description of the **display ipsec proposal** command output
Item	Description
IPsec proposal name	Name of a security proposal.
encapsulation mode	Encapsulation mode.
ESP protocol	ESP configuration.
applied to policy	IPsec policy to which the IPsec proposal is applied.
current ipsec proposal number	Number of current security proposals.
Total IPsec proposal number	Number of security proposals created.
AH protocol	AH configuration.
transform	Security protocol defined in the security proposal: esp-new: specifies the Encapsulating Security Payload (ESP). ah-new: specifies the Authentication Header (AH). ah-esp-new: specifies both ESP and AH.