The IPsec status page at Status > IPsec displays the current state of all IPsec tunnels configured on the firewall.
This page is divided into four tabs.
This tab lists all enabled IPsec tunnels. Each entry contains the tunnel description, links to its settings, outer and inner IP addresses, various properties of the tunnel, counters, and current status.
Connected tunnels are listed first, followed by disconnected tunnels. There are buttons on each row to connect or disconnect entries manually.
By default only the IKE portion of a tunnel (phase 1) is listed to keep the display compact. Click Show child SA entries to display the child SA (phase 2) entries.
Lists current usage statistics for mobile IPsec client leases from configured pools. Current and recently connected clients are also listed along with the IP address they were assigned by the firewall.
Shows the contents of the IPsec Security Association Database (SAD) which contains data about current IKE SA entries and corresponds with active phase 1 entries.
The page contains one entry in the list for each direction between public peer
addresses of an active IPsec tunnel. For example, one entry for
y.y.y.y and a corresponding entry for
Shows the contents of the IPsec Security Policy Database (SPD). These policies define the networks which are interesting to IPsec and corresponds with phase 2 entries.
The page contains one entry for each direction between private networks of all IPsec tunnels whether or not they are connected.