VPN Access Reports
To search for and generate reports on the VPN connections that the selected log sources either completed or denied during a specified time interval, use the VPN Access Real-Time Report.
Menu path:
In addition to setting the common report options in Preparing a Real-time Report, you can select optional filter operators in the generated report.
Optional filter operators can be sorted in ascending or descending order. Choose sort order using the list. The default is to display all the options.
For information on saving the generated report, see Formats for Saving a Generated Report.
| Option | Description |
|---|---|
| Source Device | Description of the device that sent these log messages |
| Public IP | Public IP address originating the VPN connection |
| Group | VPN group of which the source device is a part |
| User | VPN user ID |
| Target User | VPN user ID of the originating VPN connection |
| Connections | Number of log messages received representing connections |
| Denies | Number of denied connection messages received |
| Avg Duration | Average duration of each connection |
| Byte Count | Number of bytes transferred during the session |
| Avg Bandwidth (Bytes/Sec) | Average bandwidth used for each connection |
Appliances cannot receive disconnected messages. A VPN session is recorded permanently in the database table authentication after it is disconnected, prior to that the session is considered active. A Check Point VPN session is considered disconnected when a new connection attempt is made by the same user from the same IP address.