VPN Index value

Ana_11 · ‎2020-09-02

Hi

we are enabling IPSec tunnel monitoring, we need the tunnel interface index value. how to find the tunnel interface index value. I have gone through with the VPN guide but couldn't find the relevant information. Please help

G_W_Albrecht · ‎2020-09-02

Please write what a tunnel interface index value is - in 12 years of CP (and other) VPN i never have encountered this index...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Timothy_Hall · ‎2020-09-02

Are you asking about the Security Parameter Index (SPI) value? This is a uniquely generated value in the ESP header that identifies which tunnel (and secret key) encrypted VPN traffic is associated with; it is not a fixed value over a long period of time, only for the lifetime of a tunnel.

If you are using route-based VPNs employing a VPN Tunnel Interface (VTI), then you may be referring to the value displayed by fw ctl iflist:

[Expert@R8040:0]# fw ctl iflist
1 : eth0
2 : eth1
3 : vpnt1

Not sure if you are looking for the "ifn" value (which is 3 for the VTI vpnt1) or the "VPN Tunnel ID" which is specified when a VTI is created, and automatically becomes part of the interface name, "1" in this example for VTI vpnt1.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Are you a member of CheckMates?

VPN Index value