How to Obtain the Policy ID Number for the VPN's Policy (KB ID: KB9478)
| Article ID: | KB9478 |
|---|---|
| Former Article ID: | |
| Published: | Feb 22, 2008 |
| Last Modified: | Feb 22, 2008 |
| Visible By: | Employee, PTAC, Partner, Customer, Public |
Back to Previous Page | Knowledge Base Home
Article URL
Synopsis
How to get the policy number of the policy that is being used for the VPN that is not working.
Problem
Symptoms & Errors:
- A VPN does not establish
- Cannot get any traffic (ping, etc…) from the PC to the internal network through the tunnel.
- An incoming policy is defined to allow Dial-Up VPN to access internal network.
Solution
To Determine which Policy is Used by the VPN
From the WebUI:
- Click on VPN > Monitor Status. If a policy is bound to a tunnel, the VPN will be displayed here. The Policy ID column will list the ID number of the policy that is associated with the VPN. The Policy ID is listed in the following format: i/o, where i equals the number of the policy used for the incoming traffic and o is for the outgoing traffic. A policy ID of -1 indicates there is no policy for that direction. This is used for uni-directional VPNs, like most Dial-Up VPNs.
How To View the Policy
From the WebUI:
- Click on Policies. Select the appropriate source (From) and destination (To) zones and click Go. Identify the policy that is associated with the VPN that is not working and make note of it's ID number.
From the CLI:
- At the command line, type
get policythen press Enter. This will show all configured policies on the Netscreen. Record the ID number of the policy that is associated with the VPN that is not working.
Category Description
By Product » Hardware » Firewalls
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN
By Product » Software » Network Operating Systems » ScreenOS Software
By Product » Software » VPN Clients
Purpose