[Next][Report an Error]

Monitoring IPsec VPN—Phase II

To view IPsec VPN Phase II information, select Monitor>IPSec VPN>Phase II in the J-Web interface:

Table 42 describes the available options for monitoring IPsec VPN-Phase II.

Table 42: IPsec VPN—Phase II Monitoring Page

Field Values Additional Information
Statistics Tab Details

By bytes

Provides total number of bytes encrypted and decrypted by the local system across the IPsec tunnel.

By packets

Provides total number of packets encrypted and decrypted by the local system across the IPsec tunnel.

IPsec Statistics

Provides details of the IPsec statistics.

IPsec SA Tab Details
IPsec Security Associations


Index number of the SA.


IP address of the remote gateway/port.


Cryptography scheme used to secure exchanges between peers during the IKE Phase II negotiations:

  • An authentication algorithm used to authenticate exchanges between the peers. Options are hmac-md5-95 or hmac-sha1-96.


Security parameter index (SPI) identifier. An SA is uniquely identified by an SPI. Each entry includes the name of the VPN, the remote gateway address, the SPIs for each direction, the encryption and authentication algorithms, and keys. The peer gateways each have two SAs, one resulting from each of the two phases of negotiation: Phase I and Phase II.


The lifetime of the SA, after which it expires, expressed either in seconds or kilobytes.


Specifies if VPN-Liveliness Monitoring has been enabled/disabled. Enabled - ' U ', Disabled- '—'


Specifies the root system.

[Next][Report an Error]