VPN Tunnel Status and Subscription Services
The front panel of Firebox System Manager (FSM) includes statistics about current VPN tunnels.
In the Firebox Status area at the right side of the window is a section on BOVPN tunnels. Firebox System Manager shows the current tunnel status and gateway information for each VPN tunnel as well as data sent and received, creation and expiration information, type of authentication and encryption used, and the number of rekeys. For a virtual BOVPN interface, Firebox System Manager also shows information about the route.
Each BOVPN tunnel is shown in one of three states:
The BOVPN tunnel operates correctly and passes traffic.
The BOVPN tunnel has been created, but no tunnel negotiation has occurred. No traffic has been sent through the VPN tunnel.
The BOVPN tunnel was active, but is no longer active because the tunnel has no traffic or because the link between the gateways was lost.
For Fireboxes that run Fireware OS v11.10 and higher, VPN diagnostic messages also appear on the Front Panel tab. VPN diagnostic messages for a tunnel include the tunnel name, and indicate a problem with tunnel route or Phase 2 settings. VPN diagnostic messages related to a VPN gateway refer to the gateway endpoint by number. For example, if a gateway has two gateway endpoint pairs, VPN diagnostic messages refer to the first gateway endpoint as Endpoint 1, and the second as Endpoint 2. VPN diagnostic messages can be errors or warnings.
VPN diagnostic errors indicate the VPN failed because of a configuration or connection issue. Error messages appear in red text and indicate that a gateway or tunnel has a diagnostic error.
VPN diagnostic warnings indicate a that a VPN is down because of an abnormal condition, such as dead peer detection (DPD) failure. Warning messages appear in orange text and indicate that a gateway or tunnel has a diagnostic warning.
This information also appears on the Device Status tab in WatchGuard System Manager.
To find more information about the diagnostic messages for your VPN tunnels and gateways, you can run the VPN Diagnostic Report. For information about how to run the report, see Run Diagnostic Tasks to Learn More About Log Messages.
Mobile VPN Tunnel Status
Firebox System Manager shows the user name, IP address information, and the quantity of sent and received packets for the types of Mobile VPN Tunnels:
- Mobile VPN with IPSec
- Mobile VPN with SSL
- Mobile VPN with L2TP
To disconnect Mobile VPN users, right-click a user and select Logoff selected user.
Subscription Services Status
In the Subscription Services section, Firebox System Manager shows this information about the Subscription Services enabled on your Firebox:
- Number of viruses found
- Number of intrusions
- Number of email messages confirmed as spam
- Number of HTTP requests denied by WebBlocker since the last restart
- Number of requests denied by Reputation Enabled Defense
- Number of objects blocked by Data Loss Prevention
- Number of threats identified by APT Blocker
- Number of application requests denied by Application Control