Ipsec (phase 2) statistics, Active tunnels, Total tunnels – Cisco VPN 3002 User Manual
Page 208: Received bytes, Sent bytes, Received packets, Sent packets, Received packets dropped, Received packets dropped (anti-replay)
13-20
VPN 3002 Hardware Client Reference
OL-1893-01
Chapter 13 Monitoring
Monitoring | Statistics | IPSec
IPSec (Phase 2) Statistics
This table provides IPSec Phase 2 global statistics. During IPSec Phase 2, the two peers negotiate
Security Associations that govern traffic within the tunnel.
Active Tunnels
The number of currently active IPSec Phase-2 tunnels.
Total Tunnels
The cumulative total of all currently and previously active IPSec Phase-2 tunnels.
Received Bytes
The cumulative total of bytes (octets) received by all currently and previously active IPSec Phase-2
tunnels, before decompression. In other words, total bytes of IPSec-only data received by the IPSec
subsystem, before decompressing the IPSec payload.
Sent Bytes
The cumulative total of bytes (octets) sent by all currently and previously active IPSec Phase-2 tunnels,
after compression. In other words, total bytes of IPSec-only data sent by the IPSec subsystem, after
compressing the IPSec payload.
Received Packets
The cumulative total of packets received by all currently and previously active IPSec Phase-2 tunnels.
Sent Packets
The cumulative total of packets sent by all currently and previously active IPSec Phase-2 tunnels.
Received Packets Dropped
The cumulative total of packets dropped during receive processing by all currently and previously active
IPSec Phase-2 tunnels, excluding packets dropped due to anti-replay processing. If there is a problem
with the content of a packet, the system drops the packet. This number should be zero or very small; if
not, check for misconfiguration.
Received Packets Dropped (Anti-Replay)
The cumulative total of packets dropped during receive processing due to anti-replay errors, by all
currently and previously active IPSec Phase-2 tunnels. If the sequence number of a packet is a duplicate
or out of bounds, there might be a faulty network or a security breach, and the system drops the packet.