- Products
- Learn
- Local User Groups
- Partners
- More
The Great Exposure Reset
24 February 2026 @ 5pm CET / 11am EST
AI Security Masters E4:
Introducing Cyata - Securing the Agenic AI Era
AI Security Masters E3:
AI-Generated Malware
CheckMates Go:
CheckMates Fest
Hey guys,
This script gives you some options to collect vpn debugs. Not sure if anyone would be willing to test it on real environment, but it does work.
[Expert@CP-GW:0]# ./vpn_debug_collect.sh
Usage:
vpn_debug_collect.sh start [options]
vpn_debug_collect.sh stop --dir <output_dir>
vpn_debug_collect.sh status --dir <output_dir>
Common options (for start):
--peer <ip> Peer IP to focus captures and SA display (optional)
--duration <sec> Auto-stop after N seconds and create bundle (optional)
--tcpdump Capture UDP/500, UDP/4500, ESP to pcap (optional)
--fwmonitor Capture with fw monitor to file (optional)
--ikemon Enable IKE Monitor (writes ikemonitor.snoop) (optional, sensitive)
--clear-sa Clear IKE/IPsec SAs for --peer (optional, disruptive)
--ike-rotate <mb> Rotate IKE debug file size (legacy mode option)
Examples:
# 2-minute focused capture for a peer:
./vpn_debug_collect.sh start --peer 203.0.113.10 --duration 120 --tcpdump --fwmonitor
# Manual stop later:
./vpn_debug_collect.sh stop --dir /var/log/vpn_debug_20260221_123000
[Expert@CP-GW:0]#
Hey guys,
This script gives you some options to collect vpn debugs. Not sure if anyone would be willing to test it on real environment, but it does work.
[Expert@CP-GW:0]# ./vpn_debug_collect.sh
Usage:
vpn_debug_collect.sh start [options]
vpn_debug_collect.sh stop --dir <output_dir>
vpn_debug_collect.sh status --dir <output_dir>
Common options (for start):
--peer <ip> Peer IP to focus captures and SA display (optional)
--duration <sec> Auto-stop after N seconds and create bundle (optio
Wow, this itinerary is great! I'll test it out in a few days and try to give feedback in this post. Thanks @the_rock for sharing!
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY