A Virtual Private Network (VPN) is used to establish an encrypted connection over a less secure network. A VPN ensures the appropriate level of security for the connected systems when the underlying network infrastructure alone cannot provide it. The tunnel establishes a private network that sends data securely by using industry-standard encryption and authentication techniques.
A remote-access VPN usually relies on either IPSec or SSL to secure the connection. VPNs provide Layer 2 access to the target network; these require a tunneling protocol such as PPTP or L2TP running across the base IPSec connection. The IPSec VPN supports site-to-site VPN for a gateway-to-gateway tunnel and client-to-server VPN for a host-to-gateway tunnel. For example, a user can configure a VPN tunnel at a branch site to connect to the router at the corporate site, so that the branch site can securely access the corporate network. The client-to-server VPN is useful when connecting from a laptop or PC at home to a corporate network through a VPN server.
The VPN Status displays the tunnel status of the Site-to-Site, Client-to-Site, SSL VPN, PPTP, L2TP, and Teleworker VPN Client. To view the device’s VPN status, click Status > VPN Status.
Site-to-Site Tunnel Status
- Tunnel(s) Used – VPN tunnels in use.
- Tunnel(s) Available – Available VPN tunnels.
- Tunnel(s) Enabled – VPN tunnels enabled.
- Tunnel(s) Defined – Defined VPN tunnels.
In the Connection Table, you can add, edit, delete, or refresh a tunnel. (See Site-to-Site). You can also click on Column Display Selection to select the column headers displayed in the Connection Table.
Client-to-Site Tunnel Status
In this mode, a client on the Internet connects to the server to access the corporate network or LAN behind the server. For a secure connection, you can implement a client-to-site VPN. You can view all the Client-to-Tunnel connections and add, edit, or delete connections in the Connection Table. (See Client to Site).
The Connection Table displays the following:
- Group or Tunnel Name – Name of the VPN tunnel. This is for reference purposes only and does not match the name used at the other end of the tunnel.
- Connections – Status of the connection.
- Phase2 Encryption/Auth/Group – Phase 2 encryption type (NULL/DES/3DES/AES-128/AES-192/AES-256), authentication method (NULL/MD5/SHA1), and DH group number (1/2/5).
- Local Group – IP address and subnet mask of the local group.
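As an added example (not code from the device or its documentation), the following Python audits the Phase2 Encryption/Auth/Group column of a Connection Table copied from the status page. It assumes each cell reads as ENC/AUTH/GROUP, for instance AES-256/SHA1/5; the function names, the weak-value policy and the sample rows are constructed for illustration.

```python
# Values the status page lists for each Phase 2 field.
ALLOWED = {
    "encryption": {"NULL", "DES", "3DES", "AES-128", "AES-192", "AES-256"},
    "auth": {"NULL", "MD5", "SHA1"},
    "dh_group": {"1", "2", "5"},
}
# Example policy (assumption). SHA1 and group 5 pass as the strongest values listed.
WEAK = {
    "encryption": {"NULL": "no confidentiality", "DES": "56-bit key",
                   "3DES": "64-bit block cipher"},
    "auth": {"NULL": "no integrity check", "MD5": "deprecated hash"},
    "dh_group": {"1": "768-bit modulus", "2": "1024-bit modulus"},
}


def parse_phase2(cell):
    """Split 'ENC/AUTH/GROUP' into a dict; reject values the page does not list."""
    parts = [p.strip().upper() for p in cell.split("/")]
    if len(parts) != 3:
        raise ValueError(f"expected ENC/AUTH/GROUP, got {cell!r}")
    proposal = dict(zip(("encryption", "auth", "dh_group"), parts))
    for field, value in proposal.items():
        if value not in ALLOWED[field]:
            raise ValueError(f"unknown {field} value {value!r} in {cell!r}")
    return proposal


def audit_tunnels(rows):
    """Return {tunnel name: [finding, ...]} for rows that break the policy."""
    report = {}
    for name, cell in rows:
        try:
            proposal = parse_phase2(cell)
        except ValueError as exc:
            report[name] = [f"unparseable: {exc}"]
            continue
        findings = [f"{field}={value}: {WEAK[field][value]}"
                    for field, value in proposal.items() if value in WEAK[field]]
        if findings:
            report[name] = findings
    return report


# Constructed sample rows: (Group or Tunnel Name, Phase2 Encryption/Auth/Group).
SAMPLE_ROWS = [("branch-hq", "AES-256/SHA1/5"), ("legacy-partner", "3DES/MD5/2"),
               ("lab", "NULL/NULL/1"), ("broken-row", "AES-128/SHA1")]

if __name__ == "__main__":
    print(audit_tunnels(SAMPLE_ROWS))
```

Tunnels missing from the returned report passed the policy; a row whose cell cannot be parsed is reported rather than skipped, so a truncated copy of the table does not hide a tunnel.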
SSL VPN Status
A Secure Sockets Layer virtual private network (SSL VPN) allows users to establish a secure, remote-access VPN tunnel to this device by using a web browser. SSL VPN provides secure, easy access to a broad range of web resources and web-enabled applications from almost any computer on the Internet. Here, you can view the status of the SSL VPN tunnels.
- Tunnel(s) Used – SSL VPN tunnels used for connection.
- Tunnel(s) Available – Available tunnels for the SSL VPN connection.
The Connection Table shows the status of the established tunnels. You can also add, edit, or delete connections.
- Policy Name – Name of the policy applied on the tunnel.
- Session – Number of sessions.
You can also add, edit, or delete an SSL VPN. (See SSL VPN).
PPTP Tunnel Status
Point-to-Point Tunneling Protocol (PPTP) can encrypt data with 128-bit encryption. It is used to ensure that messages sent from one VPN node to another are secure.
- Tunnel(s) Used – PPTP tunnels used for the VPN connection.
- Tunnel(s) Available – Available tunnels for the PPTP connection.
The Connection Table shows the status of the established tunnels. You can also connect or disconnect these connections.
- Session ID – Session ID of the proposed or current connection.
- Username – Name of the connected user.
- Remote Access – IP address of the remotely connected or proposed connection.
- Tunnel IP – IP address of the tunnel.
- Connect Time – Tunnel connection time.
- Action – Connect or disconnect the tunnel.
L2TP Tunnel Status
Layer 2 Tunneling Protocol (L2TP) is the method used to enable Point-to-Point sessions by using the Internet at Layer 2. Here, you can view the status of the L2TP tunnels.
- Tunnel(s) Used – L2TP tunnels used for the VPN connection.
- Tunnel(s) Available – Available tunnels for the L2TP connection.
The Connection Table shows the status of the established tunnels. You can also connect or disconnect these connections.
- Session ID – Session ID of the proposed or current connection.
- Username – Name of the connected user.
- Remote Access – IP address of the remotely connected or proposed connection.
- Tunnel IP – IP address of the tunnel.
- Connect Time – Tunnel connection time.
- Action – Connect or disconnect the tunnel.
Teleworker VPN Client
You can find the status of a Teleworker VPN Client on this page. A VPN connection can be created with minimal configuration on the VPN - Teleworker VPN client page. When the Teleworker VPN client initiates the VPN connection, the IPSec VPN server pushes the IPSec policies to the Teleworker VPN client and creates the corresponding VPN tunnel.
- Name – Name of the tunnel.
- Status – Current status of the tunnel, whether up or down.
- Primary DNS – IP address of the primary DNS server.
- Secondary DNS – IP address of the secondary DNS server.
- Primary WINS – IP address of the primary Windows Internet Name Service (WINS).
- Default Domain – Name of the default domain.
- Split Tunnel – Name of the split tunnel. Split tunneling allows a mobile user to access dissimilar security domains, such as a public network and a local LAN or WAN, at the same time when VPN tunnels are enabled.
- Split DNS – Name of the split DNS. Split DNS directs internal hosts to an internal domain name server for name resolution, and external hosts to an external domain name server for name resolution.
- Backup Server 1, 2, and 3 – Names of the servers defined as backup. When the connection to the primary IPSec VPN server fails, the security appliance can initiate the VPN connection to the backup servers. Backup server 1 has the highest priority and backup server 3 has the lowest priority.