Current IP Filters by Destination Address workspace
The Current IP Filters By Destination Address workspace displays
all the IP filters that match a destination IP address you specify.
One of the ways to display the Current IP Filters by Destination
Address workspace is to do the following:
- Right-click the IP Filters navigator item
for a specific TCP/IP stack.
- Select Workspaces, and select the Current IP Filters link.
- Click the Link icon in the Current IP Filters In Scan Order Summary table and select Current
IP Filters by Destination Address.
- Provide a destination IP address for one of the filters in the
current stack in the resulting dialog box. The IP address input field
in the dialog box is filled in by default with the value from the Destination Address column for the selected filter,
but you can change this value to be another IPv4 or IPv6 address found
on this TCP/IP stack. Specify an IP address that has the same IP address
version as the selected connection. If you specify an IPv6 address
and the selected connection has an IPv4 Destination Address, then
the linked to workspace will not find any filters to display. With
this address as input, this link navigates to the Current IP Filters
By Destination Address workspace showing the IP filters that match
the destination IP address that you provided. Note that if the Destination Address column in the Summary table
is blank, the IP address input field in the dialog box is filled with
an IP address that has a value of zero (0) for all subnets in the
address.
Summary information is displayed in the Current IP Filters by Destination Address Summary table. See Current IP Filters Attributes for
a list of other workspaces that can be accessed by clicking the Link icon in the Summary table.
The Current IP Filters by Destination Address workspace contains
the following views:
- Five Filters With Most Total Packets Matched:
Displays the five filters that have the highest number of total packets
that matched the filter's condition and action in the Current
IP Filters table.
- Five Filters With Most Total Packets Denied
By DENY: Displays the five filters that have the highest number
of total packets that matched the filter's condition and for
which the action was DENY.
- Five Filters With Most Total Packets Denied
by Mismatch: Displays the five filters that have the highest
number of total packets that matched the filter's condition but
did not match the filter's action (for example, if a packet was
sent "in the clear" but the action was coded as IPSec). This
view can provide an indication of a configuration problem such as
packets flowing in the clear when they should be encrypted.
- Current IP Filters by Destination Address Summary table:
Provides performance and configuration data about currently active
IP filters.
Current IP Filters by Destination Address Summary table
The Current IP Filters by Destination Address Summary table provides
performance and configuration data about currently active IP filters.
Each row in the table represents a single IP filter. The first 500
filters are displayed. Additional filters may be displayed by following
one of the links.
For a complete list of the attributes available in the Current
IP Filters by Destination Address Summary table, and a brief description
of each, see the Current IP Filters Attributes help panel.
These additional workspaces can be accessed by clicking the Link icon in the Current IP Filters by Destination
Address Summary table:
- Dynamic IP Tunnels by Filter Rule Definition Name workspace (default).
This link navigates to the Dynamic IP Tunnels workspace and shows
tunnels that have a filter rule definition name that matches the name
of the selected filter. This is a conditional link and is displayed
in the list of available links only if the filter Type is
DYNAMIC (4), NATTDYN (6), or NRF (7).
- Dynamic IP Tunnels by Tunnel ID workspace:
This is a conditional link displayed in the list of available links
only if the filter Type is DYNAMIC (4), NATTDYN
(6), or NRF (7). This link navigates to the Dynamic IP Tunnels workspace
and shows tunnels that have a tunnel ID that matches the tunnel ID
associated with the selected filter.
- Manual IP Tunnels by Tunnel ID workspace:
This is a conditional link displayed in the list of available links
only if the filter Type is MANUAL (2). This
link navigates to the Manual IP Tunnels workspace workspace
and shows tunnels that have a tunnel ID that matches the tunnel ID
associated with the selected filter.
- The Current IP Filters In Scan Order By Same
Page workspace: This link navigates to the Current IP Filters in Scan Order workspace and shows the IP filters
that have a page number that is equal to the page number for the selected
filter. If the active filters have changed significantly between
collection intervals (for example, if the filter set in use was switched
or a large number of filters became inactive), link might display
a workspace with no filters.
See also: