Knowledge Search


×
 

How to Obtain the Policy ID Number for the VPN's Policy

  [KB9478] Show Article Properties


Summary:
How to get the policy number of the policy that is being used for the VPN that is not working.
Symptoms:

Symptoms & Errors:

  • A VPN does not establish
  • Cannot get any traffic (ping, etc…) from the PC to the internal network through the tunnel.
  • An incoming policy is defined to allow Dial-Up VPN to access internal network.
Solution:

To Determine which Policy is Used by the VPN

From the WebUI:

  • Click on VPN > Monitor Status.  If a policy is bound to a tunnel, the VPN will be displayed here.  The Policy ID column will list the ID number of the policy that is associated with the VPN.  The Policy ID is listed in the following format: i/o, where i equals the number of the policy used for the incoming traffic and o is for the outgoing traffic.  A policy ID of -1 indicates there is no policy for that direction.  This is used for uni-directional VPNs, like most Dial-Up VPNs.

How To View the Policy

From the WebUI:

  • Click on Policies.  Select the appropriate source (From) and destination (To) zones and click Go.  Identify the policy that is associated with the VPN that is not working and make note of it's ID number.

From the CLI: 

  • At the command line, type get policy then press Enter.  This will show all configured policies on the Netscreen.  Record the ID number of the policy that is associated with the VPN that is not working.
Related Links: