Chapter 10 Monitor

 

Table 41 Monitor > VPN Monitor > IPSec (continued)

 

LABEL

DESCRIPTION

 

Encapsulation

This field displays how the IPSec SA is encapsulated.

 

 

 

 

Policy

This field displays the content of the local and remote policies for this

 

 

IPSec SA. The IP addresses, not the address objects, are displayed.

 

 

 

 

Algorithm

This field displays the encryption and authentication algorithms used in

 

 

the SA.

 

 

 

 

Up Time

This field displays how many seconds the IPSec SA has been active.

 

 

This field displays N/A if the IPSec SA uses manual keys.

 

 

 

 

Timeout

This field displays how many seconds remain in the SA life time, before

 

 

the ZyWALL automatically disconnects the IPSec SA. This field displays

 

 

N/A if the IPSec SA uses manual keys.

 

 

 

 

Inbound (Bytes)

This field displays the amount of traffic that has gone through the

 

 

IPSec SA from the remote IPSec router to the ZyWALL since the IPSec

 

 

SA was established.

 

 

 

 

Outbound

This field displays the amount of traffic that has gone through the

 

(Bytes)

IPSec SA from the ZyWALL to the remote IPSec router since the IPSec

 

 

SA was established.

 

 

 

 

Refresh

Click Refresh to update the information in the display.

 

 

 

10.11.1 Regular Expressions in Searching IPSec SAs

A question mark (?) lets a single character in the VPN connection or policy name vary. For example, use “a?c” (without the quotation marks) to specify abc, acc and so on.

Wildcards (*) let multiple VPN connection or policy names match the pattern. For example, use “*abc” (without the quotation marks) to specify any VPN connection or policy name that ends with “abc”. A VPN connection named “testabc” would match. There could be any number (of any type) of characters in front of the “abc” at the end and the VPN connection or policy name would still match. A VPN connection or policy name named “testacc” for example would not match.

A * in the middle of a VPN connection or policy name has the ZyWALL check the beginning and end and ignore the middle. For example, with “abc*123”, any VPN connection or policy name starting with “abc” and ending in “123” matches, no matter how many characters are in between.

The whole VPN connection or policy name has to match if you do not use a question mark or asterisk.

 

247

ZyWALL USG 2000 User’s Guide