How to View IPsec Tunnel Statistics

IP Security (IPsec) protocols provide security services such as encrypting sensitive data, authentication, protection against replay, and data confidentiality for IP packets.  Encapsulating Security Payload (ESP), and Authentication Header (AH) are the two IPsec security protocols used to provide these security services.

In IPsec tunnel mode, the entire original IP packet is protected by IPsec. The original IP packet is wrapped and encrypted, and a new IP header is added before transmitting the packet through the VPN tunnel.

For more information about configuring IPsec tunnels on SD-WAN appliances, see

SD-WAN Center can show you the state of all the IPsec tunnels configured in your SD-WAN network.

To view IPsec tunnel statistics:

In SD-WAN Center, navigate to Reporting > IPsec Tunnels, and in the timeline control select a time period.

For more information about using the timeline control, see How to Use Timeline Controls.

localized image

You can view the following metrics:

  • IPsec Worst State: Worst state observed during the selected time period.
  • MTU: Maximum transmission unit—size of the largest IP datagram that can be transferred through a specific link.
  • TX Bandwidth: Bandwidth transmitted.
  • RX Bandwidth: Bandwidth received.
  • TX Packets: Number of packets transmitted.
  • RX Packets: Number of packets received.
  • Data Dropped: Data dropped, in Kbps.
  • Packets Dropped: Number of packets dropped.


Click the settings icon to select the metrics that you want to view.

How to View IPsec Tunnel Statistics