Monitoring and Troubleshooting VPNs | IPSec VPN |
|
|
Timeout | The time before the next key exchange. The time is calculated by |
| subtracting the time elapsed since the last key exchange from the keylife. |
Proxy ID Source The actual IP address or subnet address of the remote peer. | |
Proxy ID | The actual IP address or subnet address of the local peer. |
Destination |
|
Figure 63: Dialup Monitor
Testing a VPN
To confirm that a VPN between two networks has been configured correctly, use the ping command from one internal network to connect to a computer on the other internal network. The IPSec VPN tunnel starts automatically when the first data packet destined for the VPN is intercepted by the FortiGate unit.
To confirm that a VPN between a network and one or more clients has been configured correctly, start a VPN client and use the ping command to connect to a computer on the internal network. The VPN tunnel initializes automatically when the client makes a connection attempt. You can start the tunnel and test it at the same time by pinging from the client to an address on the internal network.
256 | Fortinet Inc. |