User Monitor
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424 593
http://docs.fortinet.com/ • Feedback
Figure 395: IPSec Monitor list
For Dialup VPNs, the list provides status information about the VPN tunnels established
by dialup clients, including their IP addresses. The number of tunnels shown in the list can
change as dialup clients connect and disconnect.
For Static IP or dynamic DNS VPNs, the list provides status and IP addressing information
about VPN tunnels, active or not, to remote peers that have static IP addresses or domain
names. You can also start and stop individual tunnels from the list.
SSL VPN monitor list
You can view a list of all active SSL VPN sessions. The list displays the user name of the
remote user, the IP address of the remote client, and the time the connection was made.
You can also see which services are being provided, and delete an active web session
from the FortiGate unit. For more information, see “SSL VPN” on page 551.
Type Select the types of VPN to display: “All”, “Dialup”, or “Static IP or Dynamic DNS”.
Column
Settings
Customize the table view. You can select the columns to hide or display and
specify the column displaying order in the table. For more information, see “Using
column settings to control the columns displayed” on page 58 and “Web-based
manager icons” on page 60.
Clear All Filters Select to clear any column display filters you might have applied.
Current Page The current page number of list items that are displayed. Select the left and right
arrows to display the first, previous, next or last page of monitored VPNs.
Filter icons Edit the column filters to filter or sort the IPSec monitor list according to the
criteria you specify. For more information, see “Adding filters to web-based
manager lists” on page 53.
Name The name of the phase 1 configuration for the VPN.
Remote
Gateway
The public IP address of the remote host device, or if a NAT device exists in front
of the remote host, the public IP address of the NAT device.
Remote Port The UDP port of the remote host device, or if a NAT device exists in front of the
remote host, the UDP port of the NAT device. Zero (0) indicates that any port can
be used.
Proxy ID Source The IP addresses of the hosts, servers, or private networks behind the FortiGate
unit. The page may display a network range if the source address in the firewall
encryption policy was expressed as a range of IP addresses.
Proxy ID
Destination
When a FortiClient dialup client establishes a tunnel:
• If VIP addresses are not used, the Proxy ID Destination field displays the
public IP address of the remote host Network Interface Card (NIC).
• If VIP addresses were configured (manually or through FortiGate DHCP
relay), the Proxy ID Destination field displays either the VIP address belonging
to the FortiClient dialup client, or the subnet address from which VIP
addresses were assigned.
When a FortiGate dialup client establishes a tunnel, the Proxy ID Destination field
displays the IP address of the remote private network.
Tunnel up or
tunnel down
icon
A green arrow means the tunnel is currently processing traffic. Select to bring
down the tunnel.
A red arrow means the tunnel is not processing traffic. Select to bring up the
tunnel.
To Next Page
Loading...