<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
System Log Queries to Identify Tunnel or VPN Connections
Oct 27, 2025
Okta Identity Engine
Network Zone
Overview

This article clarifies how to determine the connection method when a user connects to a service. It describes how to identify if the connection uses proxy servers, tunnels, or a Virtual Private Network (VPN). The System Log must be searched to verify the connection method.

Applies To
  • Okta Identity Engine (OIE)
  • Enhanced Dynamic Network Zone
  • System Log
Solution

System Log queries verify the connection type, such as a tunnel or a Virtual Private Network (VPN).

  1. To verify if the connection is through tunnels, use the following query:

debugContext.debugData.tunnels co "\"anonymous\":false" or debugContext.debugData.tunnels co "\"anonymous\":true"

 

  1. To verify if the connection is through a VPN as a proxy, use the following query:

debugContext.debugData.tunnels co "\"type\":\"VPN\""

 

NOTE: If the System Logs do not contain information about tunnels, the vendors do not have information about that Internet Protocol (IP) address, or the Internet Protocol (IP) address might be new.

Related References

Recommended content

Still looking for help?
Loading
System Log Queries to Identify Tunnel or VPN Connections