Table 8-16 IPsec statistics
Message | Description |
|
|
Fragmentation Errors | Number of fragmented packets that cannot be reassembled. |
|
|
ESP MAC Errors | Number of encapsulating security payload (ESP) MAC errors. MAC is used to verify |
| that the received message is the same as the one sent. |
|
|
AH MAC Errors | Number of authentication header (AH) MAC errors. MAC is used to verify that the |
| message received is the same as the one sent. |
|
|
Replay Errors | Number of replay attacks, where unauthorized packets are resent. |
|
|
Drop Rule | Number of dropped packets based on the IPsec rule (set to drop all |
| Client notification of dropped packets is not provided. |
|
|
Reject Rule | Number of rejected IPsec packets. Client notification of rejected packets is provided |
| through ICMP error messages. |
|
|
No Rule | Number of received packets for which an IPsec policy rule is not configured. |
|
|
Generic Drops | Number of dropped packets that are not counted by other statistics. |
|
|
ESP (Rx/Tx): | Total number of ESP packets received (Rx) and transmitted (Tx) by the print server. |
|
|
AH (Rx/Tx) | Total number of AH packets received (Rx) and transmitted (Tx) by the print server. |
|
|
Total (Rx/Tx) | Total number of all packets received (Rx) and transmitted (Tx) by the print server. |
|
|
IKE Stats
Internet key exchange (IKE) statistics for the print server are described in the following table.
Table 8-17 IKE Statistics
Message | Description |
|
|
Phase 1 Failures | Number of authentication failures that occur when the print server is establishing a |
| connection over IPsec. These result in connection failures. |
|
|
Quick Mode Failures | Number of |
| which result in connection failures. |
|
|
Rekeys | Number of times keys were regenerated. For example, this can occur after a key |
| lifetime setting is exceeded and then regenerated. |
|
|
IKE Connections OK (1/Q) | Number of successful IPsec connections for both Phase 1 and Quick Mode attempts, |
| separated by a slash (Phase 1 count / Quick Mode count). |
|
|
IPsec Rules
This section of the Security page identifies the IPsec policy of the print server. The IPsec policy consists of rules that control the security of the traffic received and transmitted by the print server. Rules are configured with an IPsec configuration wizard, which is accessed from the HP Embedded Web Server. You can configure up to ten rules.
The heading of this section indicates the default rule for IPsec traffic (Def: Pass or Drop)
●Pass Allow all
●Drop Drop all
ENWW | HP Jetdirect Security page 163 |