eG Monitoring
 

Measures reported by FgFnSslVpnTest

Remote users access the corporate network using an SSL VPN, connecting either by web mode using a web browser or tunnel mode using FortiClient.

Web mode allows users to access network resources, such as the Internal Segmentation Firewall (ISFW). For users connecting via tunnel mode, traffic to the internet will flow through the FortiGate so that security scanning can be applied to this traffic. During the connecting phase, the FortiGate also verifies whether the remote user’s antivirus software is installed and up-to-date.

If the SSL VPN is misconfigured or does not function as expected, remote users cannot log in to the corporate network. This in turn affects the productivity of users who work from home and of users who need critical information that is available only on the corporate network. It is therefore necessary to monitor the SSL VPN of the FortiGate firewall round the clock. The FgFnSslVpnTest test helps administrators in this regard.

Using this test, administrators can determine the current status of the SSL VPN and how many users are active on it through web mode and tunnel mode. The sessions initiated by users on the SSL VPN through web mode and tunnel mode can also be tracked, along with the maximum number of users and sessions on the SSL VPN. This way, abnormalities can be detected and preemptive measures can be initiated before users face issues in accessing the corporate network.

Outputs of the test: One set of results for the target firewall being monitored.

The measures made by this test are as follows:

| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
| SSL_VPN_status | Indicates the current state of the SSL VPN. | | The values reported by this measure and their numeric equivalents are: Disabled = 1, Enabled = 2. Note: By default, this measure reports the Measure Values listed here to indicate the current state of the SSL VPN. The graph of this measure, however, is represented using the numeric equivalents only: 1 or 2. |
| Users_logged | Indicates the number of users logged in through the SSL VPN. | Number | |
| Act_tunnel_users | Indicates the number of users currently active on the SSL VPN through the tunnel mode. | Number | |
| Act_web_users | Indicates the number of web users currently active on the SSL VPN through the web mode. | Number | |
| Max_users_logged | Indicates the maximum number of users logged in using the SSL VPN since the start of the firewall. | Number | |
| Tot_active_ses | Indicates the total number of sessions that are active on the SSL VPN. | Number | |
| Act_tunnel_ses | Indicates the number of sessions that are currently active on the SSL VPN using the tunnel mode. | Number | |
| Act_web_ses | Indicates the number of sessions that are currently active on the SSL VPN using the web mode. | Number | |
| Max_sess_logged | Indicates the maximum number of sessions logged in using the SSL VPN since the start of the firewall. | Number | |
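
The following added example, which is not part of eG Enterprise, shows how successive polls of these measures could be checked for the abnormalities mentioned above. It assumes each poll arrives as a dictionary keyed by the measure names on this page; the function name, the sample values and the sessions-per-user threshold are constructed for illustration.

```python
# Added example: measure names come from this page; thresholds and data are assumptions.
STATUS = {1: "Disabled", 2: "Enabled"}  # numeric equivalents of SSL_VPN_status


def check_ssl_vpn(samples, max_ses_per_user=3.0):
    """Scan time-ordered polls and return (poll_index, code, detail) findings."""
    findings = []
    prev = None
    for i, s in enumerate(samples):
        # 1. State check: report once per change, not on every poll.
        status = STATUS.get(s["SSL_VPN_status"], "Unknown")
        changed = prev is None or prev["SSL_VPN_status"] != s["SSL_VPN_status"]
        if status != "Enabled" and changed:
            findings.append((i, "status", f"SSL VPN is {status}"))

        # 2. The high-water mark rose since the last poll: a new login peak.
        if prev is not None and s["Max_users_logged"] > prev["Max_users_logged"]:
            findings.append((i, "user_peak",
                             f"peak rose to {s['Max_users_logged']} users"))

        # 3. Unusually many sessions per logged-in user (assumed threshold).
        users = s["Users_logged"]
        if users and s["Tot_active_ses"] / users > max_ses_per_user:
            ratio = s["Tot_active_ses"] / users
            findings.append((i, "session_ratio",
                             f"{ratio:.1f} sessions per user"))
        prev = s
    return findings


# Constructed sample polls (not real firewall data).
SAMPLES = [
    {"SSL_VPN_status": 2, "Users_logged": 40, "Tot_active_ses": 44, "Max_users_logged": 55},
    {"SSL_VPN_status": 2, "Users_logged": 41, "Tot_active_ses": 46, "Max_users_logged": 55},
    {"SSL_VPN_status": 2, "Users_logged": 90, "Tot_active_ses": 300, "Max_users_logged": 90},
    {"SSL_VPN_status": 1, "Users_logged": 0, "Tot_active_ses": 0, "Max_users_logged": 90},
    {"SSL_VPN_status": 1, "Users_logged": 0, "Tot_active_ses": 0, "Max_users_logged": 90},
]

if __name__ == "__main__":
    for index, code, detail in check_ssl_vpn(SAMPLES):
        print(f"poll {index}: [{code}] {detail}")
```
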