Specifications

ManualsBrandsCisco ManualsComputer equipment3005 - VPN Concentrator - Gateway

141

142

143

144

145

146

147

148

149

150

14-12

VPN 3000 Series Concentrator Reference Volume II: Administration and Monitoring

78-13274-01

Chapter 14 Sessions

Monitoring | Sessions | Detail

Monitoring | Sessions | Detail Parameters

Table 14-2 Parameter Definitions for Monitoring | Sessions | Detail Screens

Parameter Definition

Assigned IP Address The private IP address assigned to the remote client for this session.

This is also known as the “inner” or “virtual” IP address, and it lets

the client appear to be a host on the private network.

Authentication Mode The protocol or mode used to authenticate this session.

Bytes Rx

Bytes Received

The total number of bytes received from the remote peer or client

by the VPN Concentrator.

Bytes Tx

Bytes Transmitted

The total number of bytes transmitted to the remote peer or client by

the VPN Concentrator.

Compression The data compression algorithm this session is using. LZS is the

data compression algorithm used by IPComp. MPPC uses LZ.

Connection Name The name of the IPSec LAN-to-LAN connection.

Diffie-Hellman Group The algorithm and key size used to generate IPSec SA encryption

keys.

Duration The elapsed time (HH:MM:SS) between the session login time and

the last screen refresh.

Encapsulation Mode The mode for applying IPSec ESP (Encapsulation Security Payload

protocol) encryption and authentication, in other words, what part

of the original IP packet has ESP applied.

Encryption

Encryption Algorithm

The data encryption algorithm this session is using, if any.

Hashing Algorithm The algorithm used to create a hash of the packet, which is used for

IPSec data authentication.

Idle Time The elapsed time (HH:MM:SS) between the last communication

activity on this session and the last screen refresh.

IKE Negotiation Mode The IKE (IPSec Phase 1) mode for exchanging key information and

setting up SAs: Aggressive or Main.

IKE Sessions The total number of IKE (IPSec Phase 1) sessions; usually 1. These

sessions establish the tunnel for IPSec traffic.

IP Address The IP address of the remote peer VPN Concentrator or other secure

gateway that initiated the IPSec LAN-to-LAN connection.

IPSec Sessions The total number of IPSec (Phase 2) sessions, which are data traffic

sessions through the tunnel. Each IPSec remote-access session may

have two IPSec sessions: one showing the tunnel endpoints, and one

showing the private networks reachable through the tunnel.

L2TP Sessions The total number of user sessions through this L2TP or L2TP /

IPSec tunnel; usually

Local Address The IP address (and wildcard mask) of the destination host (or

network) for this session.