sk63560 - How to run complete VPN debug on Security Gateway to troubleshoot VPN issues? gives:
Enable VPND and IKE debug:
[Expert@HostName]# vpn debug trunc
[Expert@HostName]# vpn debug on TDERROR_ALL_ALL=5
---
Stop VPND and IKE debug:
[Expert@HostName]# vpn debug off
[Expert@HostName]# vpn debug ikeoff
So would I be right to assume that vpn debug off TDERROR_ALL_ALL=0 is "discontinued" and that vpn debug off is to be used? sk89940 also refers to vpn debug off TDERROR_ALL_ALL=0 so unless my syntax is wrong or I'm missing a hotfix the documentation should be updated?
Anytime you invoke a debug command like this with TDERROR_ALL_ALL=5, you should always include TDERROR_ALL_ALL=0 when you turn it back off. Failure to do so seems to still leave some extra debugging enabled; I have noticed this effect with fwm in particular.
That's what I thought, but it obviously didn't work for me, so I was wondering whether I was doing something wrong or whether the said way of turning vpn debugging off is discontinued.
In your original post you said you were using "vpn debug off TDERROR_ALL_ALL=5" which is incorrect. The SK you reference uses "vpn debug off TDERROR_ALL_ALL=0" which is correct. Even after running this latter command, there will still be some slight debugging dumped into $FWDIR/log/vpnd.elg by default, even if debug has been properly disabled.
I think I mistyped the original question, which I will rectify now, but if you look at the screenshot attached you can see what I mean.