This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

how to get number of S-S tunnel established on the the firewall? And its details..

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

how to get number of S-S tunnel established on the the firewall? And its details..

Go to solution
Gururaj
L4 Transporter

‎08-14-2013 03:16 AM

Hi All,

how to get number of S-S tunnel established on the the firewall? And its details..along with the IP address utilizing tunnel.

Regards,

Gururaj

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
harshanatarajan
L4 Transporter

‎08-14-2013 03:31 AM

>show vpn flow

>show vpn flow tunnel-id <id> - will give the details.

View solution in original post

0 Likes Likes
6 REPLIES 6

Go to solution
harshanatarajan
L4 Transporter

‎08-14-2013 03:31 AM

>show vpn flow

>show vpn flow tunnel-id <id> - will give the details.

0 Likes Likes

Go to solution
UhMayYeah
L5 Sessionator

‎08-14-2013 03:35 AM

To list the number of Active Tunnels using CLI :

> show vpn flow

>show vpn flow tunnel-id <id>

Exhibit:

=======

> show vpn flow

total tunnels configured:                                     1

filter - type IPSec, state any

total IPSec tunnel configured:                                1

total IPSec tunnel shown:                                     1

id    name                  state      monitor      local-ip        peer-ip         tunnel-i/f

-----------------------------------------------------------------------------------------------

2     test                  active     off          10.66.24.21     10.66.24.70     tunnel

> show vpn flow tunnel-id 2

tunnel  test

        id:                     2

        type:                   IPSec

        gateway id:             1

        local ip:               10.66.24.21

        peer ip:                10.66.24.70

        inner interface:        tunnel

        outer interface:        ethernet1/3

        state:                  active

        session:                123929

        tunnel mtu:             1428

        lifetime remain:        expiring

        latest rekey:           1 seconds ago

        monitor:                off

        monitor packets seen:   0

        monitor packets reply:  0

        en/decap context:       231

        local spi:              8F912DE5

        remote spi:             BC287800

        key type:               auto key

        protocol:               ESP

        auth algorithm:         SHA1

        enc  algorithm:         AES128

        proxy-id local ip:      0.0.0.0/0

        proxy-id remote ip:     0.0.0.0/0

        proxy-id protocol:      0

        proxy-id local port:    0

        proxy-id remote port:   0

        anti replay check:      yes

        copy tos:               no

        authentication errors:  0

        decryption errors:      0

        inner packet warnings:  0

        replay packets:         394

        packets received

          when lifetime expired:0

          when lifesize expired:0

        sending sequence:       0

        receive sequence:       0

        encap packets:          1301

        decap packets:          4253

        encap bytes:            135176

        decap bytes:            456840

        key acquire requests:   9236

Go to solution
Gururaj
L4 Transporter
In response to UhMayYeah

‎08-14-2013 04:02 AM

Is it possible to get at least some information through GUI? ex: encap & decap packets, Total number of users etc

Regards,

Gururaj

0 Likes Likes

Go to solution
harshanatarajan
L4 Transporter
In response to Gururaj

‎08-14-2013 04:03 AM

Nope.

0 Likes Likes

Go to solution
harshanatarajan
L4 Transporter

‎08-14-2013 04:12 AM

You can only view the configured parameters and logs in the system logs regarding the tunnels in the GUI.

Go to solution
VinceM
L5 Sessionator

‎08-14-2013 08:00 AM

Hi,

Try https://live.paloaltonetworks.com/docs/DOC-4581 and if you want to dev add-on ... feel free to do and share 🙂

Hope help

V.

  • 1 accepted solution
  • 3231 Views
  • 6 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks