Remote Access VPN Dashboard

Remote Access Virtual Private Network (RA VPN) allows remote users to securely connect to your network. The RA VPN dashboard allows you to monitor real-time data from active RA VPN sessions on the devices. You can quickly determine problems related to user sessions and mitigate the problems for your network and users.

RA VPN dashboard (Insights & Reports > VPN dashboards > Remote Access VPN) provides a snapshot of the active RA VPN sessions on the threat defense devices managed by the Firewall Management Center.

The dashboard provides:

  • Visualization of active user sessions based on their location.

  • Detailed information about the active user sessions.

  • Mitigation of user session problems by terminating sessions, if required.

  • Distribution of active user sessions per device, encryption type, Secure Client version, operating system, and connection profile.

  • Device identity certificate expiration details of the devices.

The dashboard has the following widgets:

  • Active Sessions (Tabular View)

  • Active Sessions (Map view)

  • Sessions

  • Device Identity Certificates

Active Sessions (Tabular View)

This widget provides a tabular view of the active RA VPN users connected. You can view details of the active RA VPN sessions such as username, assigned IP, public IP, login time, VPN gateway (threat defense device), client application, client operating system, connection profile, and group policy. You can use the filter to narrow down your search based on the different criteria. You can also perform the following actions on the individual sessions:

  • Terminate a session of a specific user.

  • Terminate all sessions of a specific user connected to a specific VPN gateway.

  • Terminate all sessions that are connected to a specific VPN gateway.

If a client device supports dual address stack and the RA VPN configuration on the Firewall Threat Defense device allows IPv4 and IPv6 address pools, when a client establishes an RA VPN session with the headend device, it assigns an IPv4 and an IPv6 address to the client's tunnel interface. The RA VPN session has two IP addresses, an IPv4 and an IPv6 address on the threat defense device. The Firewall Management Center shows two sessions for the same user, one with an IPv4 address and another with an IPv6 address, and the session count is two.

Hence, even when there is only a single RA VPN session from a user as per show vpn-sessiondb l2l filter ipaddress command on the device, the Firewall Management Center shows two different sessions.

Active Sessions (Map View)

This widget shows an interactive heat map to visualize the location of the users connected through RA VPN sessions on the devices.

  • Countries that have user sessions appear in shades of blue.

  • Legend of the map provides a scale that indicates the correlation between the number of sessions in a country and the shade of blue for the country.

  • Hover the mouse pointer over the map to view the country name and the total number of active user sessions.

  • Zoom in, zoom out, and reset options are available.

Sessions

This widget allows you to monitor real-time data from active RA VPN sessions on the devices. You can filter and view the distribution of active RA VPN sessions according to:

  • Device: Displays the number of sessions per device.

  • Encryption Type: Displays the number of Secure Client SSL or IPsec sessions.

  • Secure Client Version: Displays the sessions per Secure Client version.

  • Operating System: Displays the sessions per operating systems. For example, Windows, Linux, Mac, Mobile OS, and so on.

  • Connection Profile: Displays the sessions per connection profile.

Device Identity Certificates

This widget provides information about the identity certificate expiry of the RA VPN gateways. You can view expired certificates and certificates that are due for expiry within a month. Click View Details to view the certificates in the Devices > Certificates page.