IPSec VPN tunnels monitoring

This module allows you to view tunnels in active IPSec policies on the firewall (tunnels that have been set up using the native IPSec interface or virtual IPSec interfaces).

Possible actions

Refresh

This button allows data displayed in the table to be refreshed.

"Policies" table

The "Policies" table displays the following data:

Filter: The Search field filters the data by alphanumeric characters found in any column of the table.
Hide established tunnels to display only policies with issues: This button hides IPSec tunnels that have been correctly set up. Only tunnels that cannot be successfully set up remain displayed.
ID: This system ID allows you to link security policies (SP) to security associations (SA).
Local network: Network of local hosts that communicate through the selected tunnel (traffic endpoint).
Local network name: Name of the object corresponding to the local network.
Local gateway: IP address that the local firewall presents to set up the tunnel (tunnel endpoint).
Local gateway name: Name of the object corresponding to the local gateway.
Direction: Direction of network traffic in the tunnel.
Remote gateway: IP address that the remote firewall presents to set up one or several tunnels with the local firewall (tunnel endpoint).
Remote gateway name: Name of the object corresponding to the remote gateway.
Remote network: Network of remote hosts that communicate through the selected tunnel (traffic endpoint).
Remote network name: Name of the object corresponding to the remote network.
Lifetime: Lifespan of the configured VPN policy.
Status: A green or red LED indicates whether a tunnel has been set up.

Right-click menu

Right-clicking on the address or name of a network (local or remote) opens the following pop-up menus:

  • Search for this value in the "All logs" view,
  • Show host details.

Right-clicking on the address or name of a gateway (local or remote) opens the following pop-up menu:

  • Search for this value in the "All logs" view.

"Tunnels" table

The "Tunnels" table displays the following data:

Display only tunnels matching the selected policy: If this checkbox is selected, only tunnels matching the selected policy in the "Policies" table will be displayed.
Local gateway: IP address that the local firewall presents to set up the selected tunnel (tunnel endpoint).
Local gateway name: Name of the object corresponding to the local gateway.
Remote gateway: IP address that the remote firewall presents to set up the selected tunnel (tunnel endpoint).
Remote gateway name: Name of the object corresponding to the remote gateway.
Lifetime: Lifespan of the SA (Security Association) for the tunnel concerned.
Bytes: Number of bytes exchanged in the selected tunnel.
Status: Indicates the status of the tunnel (example: Mature).
Encryption: Name of the encryption algorithm.
Authentication: Name of the authentication algorithm.