SROS Command Line Interface Reference Guide

Enable Mode Command Set

 

 

debug crypto [ike ike negotiation ike client authentication ike client configuration ipsec pki]

Use the debug crypto command to activate debug messages associated with IKE and IPSec functions. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages.

Syntax Description

ike

Displays all IKE debug messages.

ike negotiation

Displays only IKE key management debug messages (e.g., handshaking).

ike client authenticationDisplays IKE client authentication messages as they occur.

ike client configurationDisplays mode-config exchanges as they take place over the IKE SA. It is

 

enabled independently from the ike negotiation debug described previously.

ipsec

Displays all IPSec debug messages.

pki

Displays all PKI (public key infrastructure) debug messages.

Default Values

By default, all debug messages in the Secure Router OS are disabled.

Command Modes

#

Enable Command Mode

Usage Examples

The following example activates the IPSec debug messages:

>enable

#debug crypto ipsec

5991-2114

© Copyright 2005 Hewlett-Packard Development Company, L.P.

66

Page 66
Image 66
HP 7000 dl Router manual Ike negotiation, Ipsec, Pki, Enable #debug crypto ipsec