Chapter 14 IPSec VPN

If any of your VPN rules have an active network policy set to nailed-up, using the IPSec debug feature may cause the ZyWALL to continuously display new information. Type ipsec debug level 0 and press [ENTER] to stop it.

Figure 209 IKE/IPSec Debug Example

ras> ipsec debug
level display type
ras> ipsec debug type
<0:Disable 1:Original on|off 2:IKE on|off 3: IPSec [SPI]|on|off 4:XAUTH on|off 5:CERT on|off 6: All>
ras> ipsec debug level
<0:None 1:User 2:Low 3:High>
ras> ipsec debug type 1 on
ras> ipsec debug type 2 on
ras> ipsec debug level 3
ras> ipsec dial 1
get_ipsec_sa_by_policyIndex():
Start dialing for tunnel <rule# 1>...
ikeStartNegotiate(): saIndex<0>
peerIp<5.1.2.3> protocol: <IPSEC_ESP>(3)
peer Ip <5.1.2.3>
initiator(): type<IPSEC_ESP>, exch<Main>
initiator :
protocol: IPSEC_ESP, exchange mode: Main mode
find_ipsec_sa(): find ipsec saNot found
Not found
isadb_is_outstanding_req(): isakmp is outstanding req : SA not found
isadb_create_entry(): >> INITIATOR
isadb_get_entry_by_addr():
Get IKE entry by address: SA not found
SA not found
ISAKMP SA created for peer <BRANCH> size<900>
ISAKMP SA created for peer <BRANCH> size<900>
ISAKMP SA built, ikePeer.s0
ISAKMP SA built, index = 0isadb_create_entry(): done
create IKE entry doneinitiator(): find myIpAddr = 0.0.0.0, use <5.6.7.8> r


ZyWALL 2WG User’s Guide