Help Center User GuideGetting Started
 
X
User Guide
Getting Started
Contents  

Monitoring IPsec VPN—Phase II

Purpose

View IPsec VPN Phase II information.

Action

Select Monitor>IPSec VPN>Phase II in the J-Web user interface.

Table 72 describes the available options for monitoring IPsec VPN-Phase II.

Table 72: IPsec VPN—Phase II Monitoring Page

FieldValuesAdditional Information
Statistics Tab Details

By bytes

Provides total number of bytes encrypted and decrypted by the local system across the IPsec tunnel.

By packets

Provides total number of packets encrypted and decrypted by the local system across the IPsec tunnel.

IPsec Statistics

Provides details of the IPsec statistics.

IPsec SA Tab Details
IPsec Security Associations

ID

Index number of the SA.

Gateway/Port

IP address of the remote gateway/port.

Algorithm

Cryptography scheme used to secure exchanges between peers during the IKE Phase II negotiations:

  • An authentication algorithm used to authenticate exchanges between the peers. Options are hmac-md5-95 or hmac-sha1-96.

SPI

Security parameter index (SPI) identifier. An SA is uniquely identified by an SPI. Each entry includes the name of the VPN, the remote gateway address, the SPIs for each direction, the encryption and authentication algorithms, and keys. The peer gateways each have two SAs, one resulting from each of the two phases of negotiation: Phase I and Phase II.

Life

The lifetime of the SA, after which it expires, expressed either in seconds or kilobytes.

Monitoring

Specifies if VPN-Liveliness Monitoring has been enabled/disabled. Enabled - ' U ', Disabled- '—'

Vsys

Specifies the root system.

Related Documentation

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit