Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Trevor_Bruss
Contributor

WinSCP access to individual members of security group

I often times have the need to pull VPN debug logs off of our security group members. Unfortunately, it appears that each member maintains a unique set of ike.elg logs so in order to get the full picture of what is happening on any given VPN tunnel I need to be able to see each of the individual files.

 

The problem I have is pulling them down. I can connect to the security group IP address but it is only connecting to the SMO member of that group. That is, I can use WinSCP to get to one of the boxes in that group. All the other members of the group I've resorted to logging into them via the move command and then manually connecting to an ftp server and putting the files for the others there, and then later copying those files off my FTP server over to my machine for analysis. It's a real pain.

 

Is there anyway to access each member individually? Since they don't really have an IP address on the network and instead of a their own 192.x.x.x address they use to communicate with each other I'm at a loss for how to do this.

 

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

0 Kudos
Anatoly
Employee
Employee

Hi Trevor,

That is true, security group answers via SMO only when you are working with management IP of security group. This is by design.

Alternatively, you can bring all your logs to SMO using scp between SGMs. You can do so by scp admin@192.0.2.x and then pull them all together using winscp.

 

Thank you,

0 Kudos