FortiGate Version 3.0 MR4 Administration Guide
300 01-30004-0203-20070102
Monitor VPN IPSEC
Monitor
You can use the monitor to view activity on IPSec VPN tunnels and start or stop
those tunnels. The display provides a list of addresses, proxy IDs, and timeout
information for all active tunnels, including tunnel mode and route-based (interface
mode) tunnels.
To view active tunnels, go to VPN > IPSEC > Monitor.
Figure 184:Monitor list
The Dialup list provides information about the status of tunnels that have been
established for dialup clients. The list displays the IP addresses of dialup clients
and the names of all active tunnels. The number of tunnels shown in the list can
change as dialup clients connect and disconnect.
Concentrator Name Type a name for the concentrator.
Available Tunnels A list of defined IPSec VPN tunnels. Select a tunnel from the list and
then select the right-pointing arrow. Repeat these steps until all of
the tunnels associated with the spokes are included in the
concentrator.
Members A list of tunnels that are members of the concentrator. To remove a
tunnel from the concentrator, select the tunnel and select the left-
pointing arrow.
Page up and Page
down icons
Display the previous or next page of dialup-tunnel status listings.
Name The names of configured tunnels.
Remote gateway The public IP address and UDP port of the remote host device, or if
a NAT device exists in front of the remote host, the public IP address
and UDP port of the NAT device.
Username The peer ID, certificate name, or XAuth user name of the dialup
client (if a peer ID, certificate name, or XAuth user name was
assigned to the dialup client for authentication purposes).
Timeout The amount of time before the next phase 2 key exchange. The time
is calculated by subtracting the time elapsed since the last key
exchange from the keylife. When the phase 2 key expires, a new
key is generated without interrupting service.
Page up
Page down
To Next Page
Loading...
