Verifying that the VPN is up is fairly easy. The first test is to try and ping a system on the remote end using its real IP address. If that doesn't work, you'll need to run the netstat command and verify that the VPN has been activated and entered routes to the other end of the VPN. You should see something like the following:
[email protected]:~ # netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.2.0 220.127.116.11 255.255.255.0 UG 0 0 0 ipsec0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 18.104.22.168 0.0.0.0 255.255.252.0 U 0 0 0 eth1 22.214.171.124 0.0.0.0 255.255.252.0 U 0 0 0 ipsec0 0.0.0.0 126.96.36.199 0.0.0.0 UG 0 0 0 eth1 [email protected]:~ #
Notice the two routes on interface ipsec0. Both of them will be there if the VPN is up and running. If they are not there, then something is wrong with the parameters entered into the VPN configuration or the network between the two firewalls.