IPSec VPN tunnels
This module allows you to view tunnels in active IPSec policies on the firewall (tunnels that have been set up using the native IPSec interface or virtual IPSec interfaces).
Possible actions
| Refresh | This button allows data displayed in the table to be refreshed. |
| Configure the IPsec VPN service | This link makes it possible to go directly to the configuration of the IPSec VPN service (Configuration > VPN > IPSec VPN module). |
"Policies" table
The "Policy" table displays the following data:
| Filter | The Search field enables data to be filtered according to alphanumeric characters that belong to any column in the table. |
| Hide established tunnels to display only policies with issues. | This button makes it possible to hide IPSec tunnels that have been correctly set up. Only tunnels that cannot be successfully set up remain displayed. |
| ID | This system ID allows you to link security policies (SP) to security associations (SA). |
| Local network | Network of local hosts that communicate through the selected tunnel (traffic endpoint). |
| Local network name | Name of the object corresponding to the local network |
| Local gateway | IP address that the local firewall presents to set up the tunnel (tunnel endpoint). |
| Local gateway name | Name of the object corresponding to the local gateway. |
| Direction | Direction of network traffic in the tunnel. |
| Remote gateway | IP address that the remote firewall presents to set up one or several tunnels with the local firewall (tunnel endpoint). |
| Remote gateway name | Name of the object corresponding to the remote gateway. |
| Remote network | Network of remote hosts that communicate through the selected tunnel (traffic endpoint). |
| Remote network name | Name of the object corresponding to the local network |
| Lifetime | Lifespan of the configured VPN policy. |
| Status | A green or red LED indicates whether a tunnel has been set up. |
Right-click menu
Right-clicking on the address or name of a network (local or remote) opens the following pop-up menus:
- Search for this value in the "All logs" view,
- Show host details
Right-clicking on the address or name of a gateway (local or remote) opens the following pop-up menus:
- Search for this value in the "All logs" view.
"Tunnels" table
The "Tunnels" table displays the following data:
| Display only tunnels matching the selected policy | If this checkbox is selected, only tunnels matching the selected policy in the "Policies" table will be displayed. |
| Local gateway | IP address that the local firewall presents to set up the selected tunnel (tunnel endpoint). |
| Local gateway name | Name of the object corresponding to the local gateway. |
| Remote gateway | IP address that the remote firewall presents to set up the selected tunnel (tunnel endpoint). |
| Remote gateway name | Name of the object corresponding to the remote gateway. |
| Lifetime | Life span of the SA (Security Association) for the tunnel concerned. |
| Bytes | Number of bytes exchanged in the selected tunnel. |
| Status | Indicates the status of the tunnel. (Example: Mature). |
| Encryption | Name of the encryption algorithm |
| Authentication | Name of the authentication algorithm |