CHAPTER 16

System Information

The System Information window provides accurate and up-to-date information on your system’s current status. This dialog box contains a number of tabs that provide information on a variety of system components.

General Information

For general information on Firebox Vclass appliance status, use the System Information window General tab.

1 From the main Vcontroller window, click System

Information .

The System Information dialog box appears.

2 Click the General tab.

Firebox Vclass User Guide 389

CHAPTER 16: System Information

You can use this tab allows you to view general information, such as the model number, current system software version, serial number, system mode (Router or Transparent), IP address for Interface 0 or the

System IP, contact person, and location of the appliance.

3 Click Close .

VPN Tunnel Information

You can view tunnels and traffic statistics, delete specific tunnels, or delete all tunnels and purge the appliance of all residual tunnel records. Remember that tunnels are not always closed when the connection is broken.

1 From the main Vcontroller window, click System

Information .

The System Information dialog box appears.

2 Click the Tunnels tab.

3 Click one of the following two display categories:

390 Vcontroller

VPN Tunnel Information

By IPSec Peers

Displays a list of currently active IPSec peers. The total count of tunnels may include some that are not in active use, but are still on record within the database.

By Policies

Displays a list of all policies you have created and the number of VPN tunnels established by each policy.

Firebox Vclass User Guide 391

CHAPTER 16: System Information

4 to view the traffic statistics and the associated tunnels for a particular IPSec peer or policy, select the entry from the IPSec Peer list.

The display refreshes and the statistics are displayed on the right. if there are any tunnels associated with this entry, the tunnel list displays them.

5 Click Delete Tunnels to remove all established tunnels associated with this IPSec peer or policy and force the creation of new tunnels. If there are no established tunnels this button is unavailable.

6 Click Refresh to remove the Statistics information from the IPSec Peer List field.

7 To delete a specific tunnel associated with an IPSec

Peer or Policy and force the creation of a new tunnel, select the entry from the tunnel list and click Delete .

8 To update the tunnel list with the most recent information, click Refresh .

9 Click Close .

Viewing tunnel details

To view a detailed report of a specific tunnel:

1 Select an entry from the tunnel list and then click

Details .

The Detail Tunnel Information dialog box appears.

2 Click Refresh to update the current SAs list with the most recent information. When you are finished, click

Close to return to the System Information dialog box,

Tunnels tab.

392 Vcontroller

Traffic Information

Traffic Information

To view traffic activity information:

1 From the main Vcontroller window, click System

Information .

The System Information dialog box appears.

2 Click the Traffic tab.

The following information is displayed on the Traffic tab:

Total Packets

Total number of packets processed since the last reboot of this appliance. This includes packets that pass through this appliance and those that are discarded by firewall policies.

Total Bytes

Data traffic in total bytes processed through this appliance since the last reboot.

IPSec Packets

IPSec activity in total number of packets that have been encrypted or decrypted, since the last system startup.

Firebox Vclass User Guide 393

CHAPTER 16: System Information

IPSec Bytes

IPSec encryption/decryption activity in bytes.

Total Tunnels

Number of VPN tunnels.

3 Click Refresh to update the display with the most recent information.

4 Click Reset Connections to disconnect all current connections. This will flush the Firebox Vclass appliance of all residual data connections that may be hampering performance.

5 Click Close .

Route Information

To view the routing table information:

1 Click the Routes tab.

394

2 Click Refresh to update the display with the most recent information.

Vcontroller

RAS User Information

3 When you are finished, click Close .

N OTE

Interfaces are not listed in this table in Transparent Mode.

RAS User Information

After you have set up Remote Access Service (RAS) and implemented VPN policies, you can monitor and manage the current remote user connections using the System

Information window.

1 Click the RAS User tab.

This currently active RAS users are displayed.

2 Click Disconnect to break the selected user connection, including any established tunnels. If an internal IP address was assigned to this user, it will be returned to the system for future use.

3 Click Refresh to update the Active RAS Users display with the most recent information.

4 When you are finished, click Close .

Firebox Vclass User Guide 395

CHAPTER 16: System Information

Viewing RAS user information and tunnel details

You can view a real-time snapshot of a user connection, including information about the properties of a user, properties of tunnels being used by this user, and detailed traffic statistics.

1 Select a user entry from the Active RAS Users list and then click Detail .

The RAS User Information dialog box appears.

396

The User Information and Statistics areas provide extensive information about this user and the current connection. The Tunnel List catalogs the tunnels currently in use.

2 Click Refresh to update the Statistics display with the most recent information.

Vcontroller

Interface 1 (Public) Information

3 Click Disconnect to break the selected user connection, including any established tunnels. If an internal IP address was assigned to this user, it will be returned to the system for future use.

4 To delete a specific tunnel associated with a RAS user and force the creation of a new tunnel, select the entry from the tunnel list and click Delete .

5 To update the tunnel list with the most recent information, click Refresh .

6 To view a detailed report of a specific tunnel, select an entry from the tunnel list and then click Details . Most of the time, a RAS User connection will have only a single tunnel.

The Detail Tunnel Information dialog box appears.

- Click Refresh to update the Current SAs list with the most recent information. When you are finished, click Close to return to the System

Information, Tunnels tab.

- When you are finished, click Close to return to the RAS User Information window.

Interface 1 (Public) Information

This tab displays the status of interface 1 (Public) and the

IP addressing mode in use–Static, DHCP, or PPPoE. This tab is not available in Transparent Mode.

1 From the main Vcontroller window, click System

Information .

The System Information dialog box appears.

2 Click the Interface 1 (Public) tab.

The Interface 1 (Public) information is displayed.

Firebox Vclass User Guide 397

CHAPTER 16: System Information

3 Click Refresh to update the display with the most recent information.

4 If the Backup WAN feature is enabled, you can switch between the Primary and Backup configurations by clicking the Switch to button.

This button always lists the name of the currently inactive WAN.

If Primary is the current configuration, the Switch To option is

Backup. If the Backup connection is active, the Switch To option is Primary.

5 When you are finished, click Close .

DHCP Server Information

If you have configured the Firebox Vclass appliance to act as a DHCP server, you can use this tab to view the DHCP lease information.

This tab is not available in Transparent Mode.

1 From the main Vcontroller window, click System

Information .

The System Information dialog box appears.

398 Vcontroller

Runtime Blocked IP List

2 Click the DHCP Server tab.

THe DHCP server lease information is displayed.

3 Click Refresh to update the display with the most recent information.

4 When you are finished, click Close .

Runtime Blocked IP List

The Blocked IP List in the System Information window allows you to temporarily block sites by IP address. Sites that are automatically blocked by a proxy action are also added to this list. This is a “runtime” list, and the list is discarded upon a system reboot. To permanently block IP addresses, use the Blocked Sites list in the System Configuration window.

1 From the main Vcontroller window, click System

Information .

The System Information dialog box appears.

Firebox Vclass User Guide 399

CHAPTER 16: System Information

2 Click the Blocked IP List tab.

The Runtime Blocked Site List dialog appears.

3 Click Add to add a blocked site.

The Add Blocked Site dialog appears.

400

4 In the IP Address field, type the IP address that you want to block.

5 In the Expiration Time field, type an expiration time for this site in minutes.

The maximum time you can block a runtime site for is 100,000 minutes, or approximately 70 days.

6 Click Apply to add the site to the list, or Cancel to return to the window without adding a site.

Vcontroller

Runtime Blocked IP List

To change expiration time for a runtime blocked site:

1 Select the Blocked site on the list.

2 Click Change Expiration .

The Change Expiration Time dialog appears.

3 In the IP Address field, type a new expiration period for the IP address, and then click Apply , or click

Cancel to return to the Runtime Blocked Site List.

To delete an entry from the Runtime Blocked Site list:

1 Select the entry and click Delete .

A warning dialog appears.

2 Click OK to delete the entry, or Cancel to return to the

Runtime Blocked IP List.

N OTE

You can Shift-click to select multiple contiguous sites from the list, or Control-click to select multiple non-contiguous sites.

Firebox Vclass User Guide 401

CHAPTER 16: System Information

To refresh the Runtime Blocked IP List:

• Click Refresh . The List of Runtime Blocked IP addresses is refreshed. New sites that have been blocked by Proxy Actions since the last refresh of the window now appear. Sites that have expired since the last refresh of the window are no longer listed.

402 Vcontroller