Monitoring policy-based VPNs
You can monitor the status of VPNs in the Dashboard view. The overall status of the VPNs and the tunnels they contain is shown in the tree of monitored elements.
Logging for policy-based VPNs is separate for the tunnels and the traffic that uses the tunnels:
- VPNs negotiations are always logged (regardless of the logging options in Access rules) as informational messages.
- More detailed logging is available when you activate IPsec diagnostic logging for the Engine/VPN for troubleshooting purposes.
- The traffic using the VPNs tunnels is logged according to the logging options in the rule that allows the traffic in or out of the VPNs.
- The Dashboard view provides shortcuts to logs filtered for the specific policy-based VPNs or VPNs Gateway element referenced in the log event.
- Right-click a policy-based SD-WAN in the Status tree, then select .
- Right-click a SD-WAN Gateway in the Status tree or connectivity diagram, then select .
- Right-click the connection between two SD-WAN Gateways in the connectivity diagram, then select to view logs of traffic between the two VPN Gateways.
Log pruning filters can delete some (or even all) of the generated messages.