Current IP Filters by Destination Address Workspace
The Current IP Filters By Destination Address workspace displays all the
IP filters that match a destination IP address you specify.
One of the ways to display the Current IP Filters by Destination Address
workspace is to do the following:
- Right-click the IP Filters navigator item for a
specific TCP/IP stack.
- Select Workspaces, and select the Current IP Filters link.
- Click the Link icon in the Current IP Filters In Scan Order summary table and
select Current IP Filters by Destination Address.
- Provide a destination IP address for one of the filters in the
current stack in the resulting dialog box. The IP address input field in the
dialog box is filled in by default with the value from the Destination Address column for the selected filter, but you can change
this value to be another IPv4 or IPv6 address found on this TCP/IP stack.
Specify an IP address that has the same IP address version as the selected
connection. If you specify an IPv6 address and the selected connection has
an IPv4 Destination Address, then the linked to workspace will not find any
filters to display. With this address as input, this link navigates to the
Current IP Filters By Destination Address Workspace showing the IP filters
that match the destination IP address that you provided. Note that if the Destination Address column in the summary table is blank,
the IP address input field in the dialog box is filled with an IP address
that has a value of zero (0) for all subnets in the address.
Summary information is displayed in the Current IP Filters by Destination Address summary table.
See Current IP Filters Attributes for a list of other workspaces that can
be accessed by clicking the Link icon in the summary
table.
The Current IP Filters by Destination Address Workspace contains the following
views:
- Five Filters With Most Total Packets Matched: Displays
the five filters that have the highest number of total packets that matched
the filter's condition and action in the Current IP Filters table.
- Five Filters With Most Total Packets Denied By DENY: Displays the five filters that have the highest number of total packets
that matched the filter's condition and for which the action was DENY.
- Five Filters With Most Total Packets Denied by Mismatch: Displays the five filters that have the highest number of total packets
that matched the filter's condition but did not match the filter's
action (for example, if a packet was sent "in the clear" but the action
was coded as IPSec). This view can provide an indication of a configuration
problem such as packets flowing in the clear when they should be encrypted.
- Current IP Filters by Destination Address summary table: Provides
performance and configuration data about currently active IP filters.
Current IP Filters by Destination Address summary table
The Current IP Filters by Destination Address summary table provides performance
and configuration data about currently active IP filters. Each row in the
table represents a single IP filter. The first 500 filters are displayed.
Additional filters may be displayed by following one of the links.
For a complete list of the attributes available in the Current IP Filters
by Destination Address summary table, and a brief description of each, see
the Current IP Filters Attributes help panel.
These additional workspaces can be accessed by clicking the Link icon in the Current IP Filters by Destination Address summary table:
- Dynamic IP Tunnels by Filter Rule Definition Name Workspace (default).
This link navigates to the Dynamic IP Tunnels workspace and shows tunnels
that have a filter rule definition name that matches the name of the selected
filter. This is a conditional link and is displayed in the list of available
links only if the filter Type is DYNAMIC (4), NATTDYN
(6), or NRF (7).
- Dynamic IP Tunnels by Tunnel ID Workspace:
This is a conditional link displayed in the list of available links only
if the filter Type is DYNAMIC (4), NATTDYN (6), or NRF
(7). This link navigates to the Dynamic IP Tunnels workspace and shows tunnels
that have a tunnel ID that matches the tunnel ID associated with the selected
filter.
- Manual IP Tunnels by Tunnel ID Workspace:
This is a conditional link displayed in the list of available links only
if the filter Type is MANUAL (2). This link navigates
to the Manual IP Tunnels Workspace workspace and shows tunnels
that have a tunnel ID that matches the tunnel ID associated with the selected
filter.
- The Current IP Filters In Scan Order By Same Page Workspace: This link navigates to the Current IP Filters in Scan Order Workspace and
shows the IP filters that have a page number that is equal to the page number
for the selected filter. If the active filters have changed significantly
between collection intervals (for example, if the filter set in use was switched
or a large number of filters became inactive), link might display a workspace
with no filters.
See also: