Concentrator Monitor Session Details

[Figure: Monitoring>Session>Details window. The top line repeats the remote access session entry (public IP address 172.26.26.1, assigned IP address 10.0.1.70, protocol IPSec, encryption 3DES-168). Below it: IKE Sessions: 1, IPSec Sessions: 2. The IKE session shows encryption algorithm 3DES-168, authentication mode Pre-Shared Keys (XAUTH), and IKE negotiation mode Aggressive. The two IPSec sessions show remote addresses 172.26.26.1 and 10.0.1.70, each with encapsulation mode Tunnel.]

© 2003, Cisco Systems, Inc. All rights reserved. CSVPN 4.0—10-25


The administrator can also monitor VPN-to-Concentrator sessions from the Concentrator. The Monitoring>Session>Details window enables the administrator to get more in-depth information about the session, such as the hashing algorithm, authentication mode, encryption algorithm, and Diffie-Hellman (DH) group. The top line is a repetition of the remote access session entry. Below the remote entry session, the window is divided into IKE and IPSec sessions.

The first session is the IKE session. It displays the details of the IKE tunnel establishment: hashing algorithm, encryption algorithm, authentication method, rekey interval, Diffie-Hellman group, and IKE negotiation mode. The next sessions detail the IPSec sessions. The attributes displayed for each IPSec session include the local and remote IP address, hashing and encryption algorithms, encapsulation mode, rekey interval, and so on.

In the figure above, the tunnel is established between the public interfaces of the Concentrator, 192.168.1.5, and the Hardware Client, 172.26.26.1. When traffic flows, it flows between the central site LAN, 10.0.1.0, and a PAT address on the Hardware Client's private network, 10.0.1.70. The remote PC's IP address is changed to 10.0.1.70 and given a UDP port number. The remote PC's IP address is hidden from the outside. Hosts on the Hardware Client are not directly addressable from the central site.
