web_gui:vpn_status_page [2010/11/22 10:48] mats |
web_gui:vpn_status_page [2010/11/26 14:11] (current) mats |
||
---|---|---|---|
Line 54: | Line 54: | ||
* As for the actual data traffic: on the inside LAN interface the packets are shown before being encrypted into the tunnel (resp. after they have been decrypted from the tunnel), with their TCP/UDP headers visible (port numbers, IP destination etc). | * As for the actual data traffic: on the inside LAN interface the packets are shown before being encrypted into the tunnel (resp. after they have been decrypted from the tunnel), with their TCP/UDP headers visible (port numbers, IP destination etc). | ||
* On the WAN port, however, these packets are forwarded as ESP or AH packets - the TCP or UDP (or whatever) header/payload is disguised (encrypted) on that interface. The original destination IP address is also invisible, since all AH/ESP packets are simply sent to the remote IPSec gateway. | * On the WAN port, however, these packets are forwarded as ESP or AH packets - the TCP or UDP (or whatever) header/payload is disguised (encrypted) on that interface. The original destination IP address is also invisible, since all AH/ESP packets are simply sent to the remote IPSec gateway. | ||
+ | |||
+ | ---- | ||
+ | :?: The [[vpn_log_page|VPN log]] page is also useful for monitoring the progress of the IPsec tunnels. | ||
\\ | \\ | ||
===== Security associations ===== | ===== Security associations ===== |