How can we help?

What can I see on a firewall tunnels dashboard?

Follow

The new firewall dashboard is just the beginning of more visibility into site-to-site virtual private networks (VPNs) between your offices. In the coming months, we’ll be building out the firewall dashboard with lots more information so stay tuned.

What types of tunnels are supported?

Auvik currently supports site-to-site VPN over IPsec (Internet Protocol Security) for Cisco (Including Meraki), Palo Alto, Fortinet, Microtik, Watchguard, and SonicWALL devices only. We’ll be adding support for remote access, SSL VPNs, and other vendors in future releases.

Note: Palo Alto's tunnels are set up through CLI

For IPsec, there are two types of VPNs available:

  • Policy-based VPNs send traffic through an interface based on a defined access list.
  • Route-based VPNs allow all traffic that passes through a special Layer 3 interface.

How do I view tunnel statistics?

Note: You can only report statistics on a firewall tunnel if you manage BOTH endpoints of the tunnel.

A firewall dashboard displays all the KPIs and tabs that other networking devices have, along with an additional tab called Tunnels.

  1. From the firewall dashboard, click the Tunnels tab.
  2. In the displayed list of tunnels, find the tunnel you want to see statistics for and click its row.
  3. The statistics you’ll see default to being displayed by packets. To view stats in bytes, click the drop-down list in the Tunnel Stats in Packets widget and select Tunnel Stats in Bytes.

The list of tunnels reveals a lot of detail:

Column header

Data description

Name (Phase 2)

Tunnel name used for data transmission

Name (Phase 1)

Tunnel name used for rules and policies defined for authorization and authentication

Local Gateway

The device’s local IP address that’s acting as the VPN gateway

Remote Gateway

The remote IP address used by the VPN gateway

Source Begin IP

Range of internal IP addresses allowed for the VPN connection

Source End IP / Mask

Range of internal IP addresses or masks allowed for the VPN connection

Destination Begin IP

Range of remote internal IP addresses allowed for the VPN connection

Destination End IP / Mask

Range of remote internal IP addresses or masks allowed for the VPN connection

How do I monitor my VPN tunnel status?

Auvik has a pre-configured alert that notifies you when your VPN remote gateway is lost. By default, this alert is disabled but you can enable the alert if you want to start getting notifications about your VPN tunnel.

How do I monitor my SSL VPN session usage?

Auvik has pre-configured alerts that notify you when your SSL VPN session usage reaches thresholds that you define. By default, the alert is disabled but you can enable the alert if you want to start getting notifications about your SSL VPN session usage.

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request