To view IPsec VPN Phase I information, select Monitor>IPSec VPN>Phase I in the J-Web interface.
Table 41 describes the available options for monitoring IPsec VPN-Phase I.
Table 41: IPsec VPN—Phase I Monitoring Page
Field | Values | Additional Information |
---|---|---|
IKE SA Tab Options | ||
IKE Security Associations | ||
SA Index |
Index number of an SA. |
|
Remote Address |
IP address of the destination peer with which the local peer communicates. |
|
State |
State of the IKE security associations:
|
|
Initiator Cookie |
Random number, called a cookie, which is sent to the remote node when the IKE negotiation is triggered. |
|
Responder Cookie |
Random number generated by the remote node and sent back to the initiator as a verification that the packets were received. |
A cookie is aimed at protecting the computing resources from attack without spending excessive CPU resources to determine the cookie’s authenticity. |
Mode |
Negotiation method agreed upon by the two IPsec endpoints, or peers, used to exchange information. Each exchange type determines the number of messages and the payload types that are contained in each message. The modes, or exchange types, are:
|