This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Ana_11
Participant
‎2020-09-02 12:49 AM

VPN Index value

Hi 

we are enabling IPSec tunnel monitoring, we need the tunnel interface index value. how to find the tunnel interface index value. I have gone through with the VPN guide but couldn't find the relevant information. Please help

 

0 Kudos
Reply
2 Replies
G_W_Albrecht
Champion
Champion
‎2020-09-02 01:08 AM

Please write what a tunnel interface index value is - in 12 years of CP (and other) VPN i never have encountered this index...

0 Kudos
Reply
Timothy_Hall
Champion
Champion
‎2020-09-02 06:47 AM

Are you asking about the Security Parameter Index (SPI) value?  This is a uniquely generated value in the ESP header that identifies which tunnel (and secret key) encrypted VPN traffic is associated with; it is not a fixed value over a long period of time, only for the lifetime of a tunnel.

If you are using route-based VPNs employing a VPN Tunnel Interface (VTI), then you may be referring to the value displayed by fw ctl iflist:

[Expert@R8040:0]# fw ctl iflist
1 : eth0
2 : eth1
3 : vpnt1

Not sure if you are looking for the "ifn" value (which is 3 for the VTI vpnt1) or the "VPN Tunnel ID" which is specified when a VTI is created, and automatically becomes part of the interface name, "1" in this example for VTI vpnt1.

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Reply