Monitoring policy-based VPNs
You can monitor the status of VPNs in the Dashboard view. The overall status of the VPNs and the tunnels they contain is shown in the tree of monitored elements.
Logging for policy-based VPNs is separate for the tunnels and the traffic that uses the tunnels:
- VPN negotiations are always logged (regardless of the logging options in Access rules) as informational messages.
- More detailed logging is available when you activate IPsec diagnostic logging for the Firewall/ VPN engine for troubleshooting purposes.
- The traffic using the VPN tunnels is logged according to the logging options in the rule that allows the traffic in or out of the VPN.
- The Dashboard view provides shortcuts to logs filtered for the specific policy-based VPN or VPN Gateway element referenced in the log event.
- Right-click a policy-based VPN in the Status tree, then select .
- Right-click a VPN Gateway in the Status tree or connectivity diagram, then select .
- Right-click the connection between two VPN Gateways in the connectivity diagram, then select to view logs of traffic between the two VPN Gateways.
Log pruning filters can delete some (or even all) of the generated messages.