Monitoring VPN Tunnels

Because VPN tunnels synchronize between all Security Group Members, use traditional tools to monitor tunnels.

SmartConsole

You must not activate the Monitoring Software Blade in the Security Gateway (Security Group) object.

You can still see VPN tunnel status and details information in SmartConsole.

SNMP

CLI Tools

Note - In a VSX environment, you must run these commands from the context of the applicable Virtual System.

Use these commands:

  • To see VPN statistics for each Security Group Member, run in the Expert mode:

    cpstat -f all vpn

  • To monitor VPN tunnels for each Security Group Member, run in the Expert mode:

    vpn tu

    VPN tunnels are synchronized to all Security Group Members. Therefore, you can run this command from the scope of one Security Group Member.

  • To monitor VPN tunnels in the non-interactive mode, run in Gaia gClish:

    vpn shell tunnels