AP VPN IPSec

To view an access point's IPSec VPN statistics:

  1. Select the Statistics menu from the Web UI.
  2. Expand the System node from the navigation pane (on the left-hand side of the screen). The System node expands to display the RF Domains created within the managed network.
  3. Expand an RF Domain node, select a controller or service platform, and select one of its connected access points. The access point's statistics menu displays in the right-hand side of the screen, with the Health tab selected by default.
  4. Expand the VPN menu.
  5. Select IPSec.
    The Statistics > AP > VPN > IPSec screen displays in the right-hand pane.
    Click to expand in new window
    GUID-4169D555-3E04-4D8B-A5BB-2DADA1B6AE65-low.png
    Review the following VPN peer security association statistics:
    Peer

    Lists IP addresses for peer IDs for peers sharing SAs for tunnel interoperability. When a peer sees a sensitive packet, it creates a secure tunnel and sends the packet through the tunnel to its destination.
    Local IP Address

    Displays each listed peer's local tunnel end point IP address. This address represents an alternative to an interface IP address.
    Protocol

    Lists the security protocol used with the VPN IPSec tunnel connection. SAs are unidirectional, existing in each direction and established per security protocol. Options include ESP and AH.
    State

    Lists the state of each listed peer's security association.
    SPI In

    Lists SPI status for incoming IPSec tunnel packets. SPI tracks each connection traversing the IPSec VPN tunnel and ensures they are valid.
    SPI Out

    Lists SPI status for outgoing IPSec tunnel packets. SPI tracks each connection traversing the IPSec VPN tunnel and ensures they are valid.
    Mode

    Displays the IKE mode as either Main or Aggressive. IPSec has two modes in IKEv1 for key exchanges. The Aggressive mode requires three messages be exchanged between the IPSEC peers to setup the SA. The Main mode requires six messages.
  6. Select Clear All to clear each peer of its current status and begin a new data collection.
  7. Select Refresh to update the screen's statistics counters to their latest values.
9036512-00 Rev AA