This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ana_11
Participant
‎2020-09-02 12:49 AM

VPN Index value

Hi 

we are enabling IPSec tunnel monitoring, we need the tunnel interface index value. how to find the tunnel interface index value. I have gone through with the VPN guide but couldn't find the relevant information. Please help

 

0 Kudos
2 Replies
G_W_Albrecht
Legend
Legend
‎2020-09-02 01:08 AM

Please write what a tunnel interface index value is - in 12 years of CP (and other) VPN i never have encountered this index...

CCSE CCTE CCSM SMB Specialist
0 Kudos
Timothy_Hall
Champion
Champion
‎2020-09-02 06:47 AM

Are you asking about the Security Parameter Index (SPI) value?  This is a uniquely generated value in the ESP header that identifies which tunnel (and secret key) encrypted VPN traffic is associated with; it is not a fixed value over a long period of time, only for the lifetime of a tunnel.

If you are using route-based VPNs employing a VPN Tunnel Interface (VTI), then you may be referring to the value displayed by fw ctl iflist:

[Expert@R8040:0]# fw ctl iflist
1 : eth0
2 : eth1
3 : vpnt1

Not sure if you are looking for the "ifn" value (which is 3 for the VTI vpnt1) or the "VPN Tunnel ID" which is specified when a VTI is created, and automatically becomes part of the interface name, "1" in this example for VTI vpnt1.

New 2-day Live "Max Power" Series Course Now Available:
"Gateway Performance Optimization R81.20" at maxpowerfirewalls.com
0 Kudos