ZyXEL Communications 1000 User Manual
Chapter 10 Monitor
ZyWALL USG 1000 User’s Guide
246
10.11.1 Regular Expressions in Searching IPSec SAs
A question mark (?) lets a single character in the VPN connection or policy name
vary. For example, use “a?c” (without the quotation marks) to specify abc, acc and
so on.
vary. For example, use “a?c” (without the quotation marks) to specify abc, acc and
so on.
Wildcards (*) let multiple VPN connection or policy names match the pattern. For
example, use “*abc” (without the quotation marks) to specify any VPN connection
or policy name that ends with “abc”. A VPN connection named “testabc” would
match. There could be any number (of any type) of characters in front of the “abc”
at the end and the VPN connection or policy name would still match. A VPN
connection or policy name named “testacc” for example would not match.
example, use “*abc” (without the quotation marks) to specify any VPN connection
or policy name that ends with “abc”. A VPN connection named “testabc” would
match. There could be any number (of any type) of characters in front of the “abc”
at the end and the VPN connection or policy name would still match. A VPN
connection or policy name named “testacc” for example would not match.
A * in the middle of a VPN connection or policy name has the ZyWALL check the
beginning and end and ignore the middle. For example, with “abc*123”, any VPN
connection or policy name starting with “abc” and ending in “123” matches, no
matter how many characters are in between.
beginning and end and ignore the middle. For example, with “abc*123”, any VPN
connection or policy name starting with “abc” and ending in “123” matches, no
matter how many characters are in between.
The whole VPN connection or policy name has to match if you do not use a
question mark or asterisk.
question mark or asterisk.
Encapsulation
This field displays how the IPSec SA is encapsulated.
Policy
This field displays the content of the local and remote policies for this
IPSec SA. The IP addresses, not the address objects, are displayed.
IPSec SA. The IP addresses, not the address objects, are displayed.
Algorithm
This field displays the encryption and authentication algorithms used in
the SA.
the SA.
Up Time
This field displays how many seconds the IPSec SA has been active.
This field displays N/A if the IPSec SA uses manual keys.
This field displays N/A if the IPSec SA uses manual keys.
Timeout
This field displays how many seconds remain in the SA life time, before
the ZyWALL automatically disconnects the IPSec SA. This field displays
N/A if the IPSec SA uses manual keys.
the ZyWALL automatically disconnects the IPSec SA. This field displays
N/A if the IPSec SA uses manual keys.
Inbound (Bytes)
This field displays the amount of traffic that has gone through the
IPSec SA from the remote IPSec router to the ZyWALL since the IPSec
SA was established.
IPSec SA from the remote IPSec router to the ZyWALL since the IPSec
SA was established.
Outbound
(Bytes)
(Bytes)
This field displays the amount of traffic that has gone through the
IPSec SA from the ZyWALL to the remote IPSec router since the IPSec
SA was established.
IPSec SA from the ZyWALL to the remote IPSec router since the IPSec
SA was established.
Refresh
Click Refresh to update the information in the display.
Table 41 Monitor > VPN Monitor > IPSec (continued)
LABEL
DESCRIPTION