VPN close
IPSec Connection Status
This page displays the status of IPSec connections. You can change the status of a connection; to either establish or drop the SA (Security Association).
Active IPSec Security Association(s) (SA)
For each IPSec SA this table lists the following data:
Policy Name: The name of the IKE or VPN policy associated with this SA.
Endpoint: Displays the IP address of the remote VPN gateway or client.
Tx (KB): The number of KBs of data transmitted over this SA.
Tx (Packets): The number of IP packets transmitted over this SA.
State: Displays the current status of the SA for IKE policies. The status can be either Not Connected , IPSec SA Established or IPsec SA Expiring*.
Action: Click Connect to build the SA (connection) or Drop to terminate the SA (connection) as required.
The page refreshes automatically to display the most current status for an SA. The settings for page refresh are:
Poll Interval: Time in seconds, after which the page will automatically reload.
Set Interval: Enter a new value in the Poll Interval text field and click Set Interval to set a new interval value.
Stop: Click Stop to Disable the automatic page refresh feature.
*IPsec SA Expiring: This state implies that
(a) a new SA has been negotiated and it is waiting for the current SA to expire ,so that the new SA will be used when the old one expires or
(b) it is in the negotiation phase for the new SA because the older SA is about to expire.
Do not click the Connect button when the state is IPsec SA Expiring. As soon as the system starts using the new SA, at the next refresh (which is typically a 5 second cycle) the status of the button will change from Connect to Drop, so manual intervention is NOT required.
The maximum time for this state is 20% of the configured SA life time.
 

2010 © Copyright NETGEAR®

close