VPN |
 |
|
IPSec Connection Status |
This page displays the status of IPSec connections. You can change the status of
a connection; to either establish or drop the SA (Security Association). |
Active IPSec Security Association(s) (SA) |
For each IPSec SA this table lists the following data: |
Policy Name: The name of the IKE or VPN policy
associated with this SA. |
Endpoint: Displays the IP address of the remote VPN
gateway or client. |
Tx (KB): The number of KBs of data transmitted over
this SA. |
Tx (Packets): The number of IP packets transmitted
over this SA. |
UP Time(Seconds): It dispalys the IPsec uptime in seconds.
This will reset when SA expires. |
State: Displays the current status of the SA for
IKE policies. The status can be either
Not Connected ,
IPSec SA Established or
IPsec SA Expiring*. |
Action: Click
Connect to build the SA (connection)
or
Drop to terminate the SA (connection) as required.
The page refreshes automatically to display the most current status for an SA.
The settings for page refresh are: |
Poll Interval: Time in seconds, after which the page
will automatically reload. |
Set Interval: Enter a new value in the
Poll Interval
text field and click
Set Interval to set a new interval value. |
Stop: Click
Stop to Disable the automatic page refresh
feature. |
*IPsec SA Expiring: This state implies that
(a) a new SA has been negotiated and it is waiting for the current SA to expire ,so that the new SA will be used when the old one expires or
(b) it is in the negotiation phase for the new SA because the older SA is about to expire.
Do not click the
Connect button when the state is
IPsec SA Expiring. As soon as the system starts using the new SA, at the next refresh (which is typically a 5 second cycle) the status of the button will change from
Connect to
Drop, so manual intervention is NOT required. The maximum time for this state is 20% of the configured SA life time. |
|