VPN IPSEC Monitor
FortiGate Version 3.0 MR4 Administration Guide
01-30004-0203-20070102 301
The Static IP and dynamic DNS list provides information about VPN tunnels to
remote peers that have static IP addresses or domain names. You can use this list
to view status and IP addressing information for each tunnel configuration. You
can also start and stop individual tunnels from the list.
Proxy ID Source The IP addresses of the hosts, servers, or private networks behind
the FortiGate unit. A network range may be displayed if the source
address in the firewall encryption policy was expressed as a range
of IP addresses.
Proxy ID
Destination
When a FortiClient dialup client establishes a tunnel:
• If VIP addresses are not used, the Proxy ID Destination field
displays the public IP address of the remote host Network
Interface Card (NIC).
• If VIP addresses were configured (manually or through FortiGate
DHCP relay), the Proxy ID Destination field displays either the
VIP address belonging to the FortiClient dialup client, or the
subnet address from which VIP addresses were assigned.
When a FortiGate dialup client establishes a tunnel, the Proxy ID
Destination field displays the IP address of the remote private
network.
Tunnel up or tunnel
down icon
A green arrow pointing up means the tunnel is currently processing
traffic. Select to bring down tunnel.
A red arrow pointing down means the tunnel is not processing traffic.
Select to bring up tunnel.
Page up and
Page down icons
Display the previous or next page of VPN-tunnel status listings.
Name The names of configured tunnels.
Remote gateway The IP addresses and UDP ports of the remote gateways. For dynamic
DNS tunnels, the IP addresses are updated dynamically.
Timeout The amount of time before the next phase 2 key exchange. The time is
calculated by subtracting the time elapsed since the last key exchange
from the keylife. When the phase 2 key expires, a new key is generated
without interrupting service.
Proxy ID Source The IP addresses of the hosts, servers, or private networks behind the
FortiGate unit. A network range may be displayed if the source address
in the firewall encryption policy was expressed as a range of IP
addresses.
Proxy ID
Destination
The IP addresses of the hosts, servers, or private networks behind the
remote FortiGate unit.
Tunnel up or
tunnel down icon
.A green arrow pointing up means the tunnel is currently processing
traffic. Select to bring down tunnel.
A red arrow pointing down means the tunnel is not processing traffic.
Select to bring up tunnel.
To Next Page
Loading...
