IPSec Status

Policies (configured "connections")
Shows essential information regarding the configured security policies in processing order. Automatically generated policies are also included.

Security associations (current "traffic tunnels")
Shows status of data traffic tunnels, selected algorithms, and the remaining life time of the security association.
New security associations (with new encryption keys) are created and traffic shifted over to those before life time exires.
Renegotiations can be forced by deleting all or indivual security associations.

IKE Security associations (current "key tunnels")
Shows status of IKE key exchange tunnels.
The IKE SA can be in different states depending on ongoing key negotiations, "Active" means that the IKE SA is fully established and can be used for creating traffic tunnels.