IPSec VPN

VPN 监视和问题解答

 

 

图 27: 自动 IKE 密钥通道状态

查看拨号 VPN 连接的状态

您可以使用拨号监视器查看拨号 VPN 的连接状态。拨号监视器列出了远程网关和每 个网关上处于活动状态的 VPN 通道。监视器上还列出了每个通道的通道有效期、超时、 源代理 ID 和目的代理 ID。

按以下步骤查看拨号连接状态

1 进入 VPN > IPSec > 拨号。

有效期 列显示了这个连接建立以来经历的时间。

超时 列显示了下次密钥交换之前剩下的时间。这个时间等于密钥有效期减去上次密钥 交换以来经历的时间。

源代理 ID 列 显示了远端的实际的 IP 地址或者子网地址。

目的代理 ID 列 显示了本地的实际 IP 地址或者子网地址。

图 28: 拨号监视器

测试 VPN

为了确认位于两个网络之间的 VPN 是否配置正确,可以使用 PING 命令从一个内部 网络连接另一个内部网络中的一台计算机。当 FortiGate 收到第一个发往 VPN 的数据 包时,就会发起 VPN 连接。

为了确认一个在网络和一个或多个远程用户之间的 VPN 是否配置正确,可以发起一 个 VPN 客户端连接然后使用 PING 命令连接到内部网络中的一台电脑上。当客户试图连 接时,VPN 通道会自动初始化。您只需从客户端 PING 内部网络中的一台电脑就可以同 时发起这个通道并测试它。

FortiGate-500 安装和配置指南

203

Page 215
Image 215
Fortinet 500 manual 查看拨号 Vpn 连接的状态, 测试 Vpn, 203, 按以下步骤查看拨号连接状态 进入 VPN IPSec 拨号。

500 specifications

Fortinet 500 is a next-generation firewall (NGFW) that is part of Fortinet's acclaimed FortiGate family, designed to provide advanced security for medium to large enterprises. This appliance is known for its high performance, flexibility, and ability to protect networks from a variety of cyber threats through its robust features and technologies.

One of the main features of the Fortinet 500 is its integrated security capabilities. It combines multiple security functions into a single device, allowing organizations to manage everything from intrusion prevention and antivirus to web filtering and application control. This integration leads to simplified management and increased efficiency, as users can address multiple security needs without deploying multiple devices.

The Fortinet 500 runs on the FortiOS operating system, which is known for its simplicity and user-friendliness. FortiOS provides a centralized management interface that allows for the easy configuration and monitoring of security policies across the entire network. Additionally, the Fortinet management tools, such as FortiManager and FortiAnalyzer, enable detailed insights and reporting capabilities, helping organizations stay compliant with their security mandates.

Another characteristic that sets Fortinet 500 apart is its advanced threat intelligence, powered by the FortiGuard Labs. This global threat intelligence system continuously updates the firewall with the latest threat signatures and attack vectors, ensuring that organizations stay ahead of emerging threats. The firewall also employs machine learning and artificial intelligence to detect and mitigate sophisticated attacks in real-time.

Performance is crucial in any security appliance, and the Fortinet 500 does not disappoint. With hardware acceleration and purpose-built security processors, it delivers high throughput levels, enabling organizations to maintain productivity without sacrificing security. This level of performance is particularly beneficial in environments with heavy traffic and bandwidth demands.

In addition to these core features, the Fortinet 500 supports seamless integration with other security solutions within the Fortinet Security Fabric. This comprehensive approach allows for greater visibility and control over the entire security posture of an organization.

Overall, the Fortinet 500 is a powerful NGFW that offers a blend of advanced security features, ease of management, top-notch performance, and robust threat intelligence. Its ability to adapt to the ever-evolving landscape of cybersecurity makes it a valuable asset for businesses seeking to safeguard their digital assets and ensure seamless network operation.