Cisco Systems VPN 3000 Manual De Usuario
Monitor | Statistics | IPSec
15-59
VPN 3000 Concentrator Series User Guide
IPSec (Phase 2) Statistics
This table provides IPSec Phase 2 global statistics. During IPSec Phase 2, the two peers negotiate
Security Associations that govern traffic within the tunnel.
Security Associations that govern traffic within the tunnel.
Active Tunnels
The number of currently active IPSec Phase-2 tunnels, both for LAN-to-LAN connections and remote
access.
access.
Total Tunnels
The cumulative total of all currently and previously active IPSec Phase-2 tunnels, both for LAN-to-LAN
connections and remote access.
connections and remote access.
Received Bytes
The cumulative total of bytes (octets) received by all currently and previously active IPSec Phase-2
tunnels, before decompression. In other words, total bytes of IPSec-only data received by the IPSec
subsystem, before decompressing the IPSec payload.
tunnels, before decompression. In other words, total bytes of IPSec-only data received by the IPSec
subsystem, before decompressing the IPSec payload.
Sent Bytes
The cumulative total of bytes (octets) sent by all currently and previously active IPSec Phase-2 tunnels,
after compression. In other words, total bytes of IPSec-only data sent by the IPSec subsystem, after
compressing the IPSec payload.
after compression. In other words, total bytes of IPSec-only data sent by the IPSec subsystem, after
compressing the IPSec payload.
Received Packets
The cumulative total of packets received by all currently and previously active IPSec Phase-2 tunnels.
Sent Packets
The cumulative total of packets sent by all currently and previously active IPSec Phase-2 tunnels.
Received Packets Dropped
The cumulative total of packets dropped during receive processing by all currently and previously active
IPSec Phase-2 tunnels, excluding packets dropped due to anti-replay processing. If there is a problem
with the content of a packet, the system drops the packet. This number should be zero or very small; if
not, check for misconfiguration.
IPSec Phase-2 tunnels, excluding packets dropped due to anti-replay processing. If there is a problem
with the content of a packet, the system drops the packet. This number should be zero or very small; if
not, check for misconfiguration.
Received Packets Dropped (Anti-Replay)
The cumulative total of packets dropped during receive processing due to anti-replay errors, by all
currently and previously active IPSec Phase-2 tunnels. If the sequence number of a packet is a duplicate
or out of bounds, there may be a faulty network or a security breach, and the system drops the packet.
currently and previously active IPSec Phase-2 tunnels. If the sequence number of a packet is a duplicate
or out of bounds, there may be a faulty network or a security breach, and the system drops the packet.