SSL VPN tunnels

"Real time" grid

This table displays all the hosts connected to the firewall through an SSL VPN tunnel. For each host, the "SSL VPN tunnel monitoring" view displays the following data:

User Connection ID used in setting up the referenced SSL VPN tunnel.
Directory Directory in which the connected user is defined.
VPN client IP address IP address assigned to the client workstation to set up the SSL VPN tunnel (this address belongs to the network defined in the VPN > SSL VPN module > Network assigned to clients (TCP) or Network assigned to clients (UDP) field.
Client version

This column indicates the SN SSL VPN Client version that was used to set up the tunnel shown.

The value indicated for a third-party or incompatible SN SSL VPN client is N/A.

Client workstation verification (ZTNA)

This column indicates the status of the client with regard to the host/user verification policy.

There are three possible values:

  • Disabled: when no client workstation/user verification policy has been defined,
  • Not verified: this value is shown when permissive mode has been enabled (Allow tunnels to be set up for clients that are not compatible with ZTNA checkbox selected), and the SSL VPN client used for setting up the tunnel is not compatible with the client workstation/user verification (third-party SSL VPN client or incompatible SN SSL VPN Client version),
  • Compliant: when the client workstation complies with the criteria defined in the client workstation/user verification policy.
Real IP address IP address assigned to the local network of the connected client workstation.
Received Number of bytes received by the SSL VPN server (firewall) in the tunnel in question.
Sent Number of bytes sent by the SSL VPN server. (firewall) in the tunnel in question.
Duration Time lapsed since the tunnel was set up. This value is expressed in hh:mm:ss.
Port Port used by the client to set up the tunnel.

Right-click menu

Right-clicking on the name of the user opens the following pop-up menus:

  • Search for this value in logs,
  • Log off this user.

Right-clicking on the IP address of the VPN client or on the real IP address of a host opens the following pop-up menus:

  • Search for this value in the "All logs" view,
  • Show host details,
  • Reset this object's reputation score,
  • Blacklist this object (for 1 minute, 5 minutes, 30 minutes or 3 hours).

"Information" grid

This table lists the number of tunnels that have been set up:

  • Total number of tunnels (UDP + TCP)
  • Number of UDP tunnels
  • Number of TCP tunnels

A warning message will appear whenever the number of tunnels set up starts to reach the maximum number of simultaneous tunnels allowed (information available in the SSL VPN module).

Possible actions

Reset this tunnel This button offers the possibility of forcing the renegotiation of the selected tunnel.
The remote client will then be logged off and logged back on automatically.
Refresh This button refreshes data shown on the screen.
Export results This button makes it possible to download a file in CSV containing information from the table.
Configure the SSL VPN service This link makes it possible to go directly to the configuration of the SSL VPN service (Configuration > VPN > SSL VPN module).
Reset columns This button makes it possible to display only columns suggested by default when the tunnel monitoring window is opened.