Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Joe_Kanaszka
Collaborator

IKEView not displaying ike.elg captures?

Hey guys.  Any idea why IKEView is not showing my IKE capture logs?  I can view the info in notepad.  It shows only some captures and I can't figure out what the issue is?

 

I'm running the app on Win11.

 

Thank you.

 

 

 

0 Kudos
15 Replies
the_rock
Legend
Legend

Is it latest ikeview utility?

Andy

0 Kudos
Joe_Kanaszka
Collaborator

I thought so?...Let me double check.  Yes.  appears to be latest one. Version 200.0.0.4.  

Isn't it supposed to be able to open all ike.elg files?

0 Kudos
the_rock
Legend
Legend

I know you cant send the actual ike file, but if you have random one that does not have any sensitive info, happy to try here.

Andy

Joe_Kanaszka
Collaborator

Thanks man.  I can't inspect them right now but thank you.   Weird.  

0 Kudos
the_rock
Legend
Legend

You got it. One I sent you is definitely the latest one.

Andy

0 Kudos
the_rock
Legend
Legend

This is the one I use and never had that problem.

Andy

Joe_Kanaszka
Collaborator

So it appears you can't open up iked.elg files.  ok.  Some captures I do not have anything but iked files.  

0 Kudos
the_rock
Legend
Legend

Correct...ONLY ike.elg

0 Kudos
Joe_Kanaszka
Collaborator

  • Can an R81.20 gateway produce Ike.elg files?  
0 Kudos
the_rock
Legend
Legend

Yes sir, 100%

Joe_Kanaszka
Collaborator

Morning!  Quick question. How can I get my R81.20 gateway to generate Ike.elg logs?  Or is there a way to analyze Ike’s.elg files as easily?  

Thank you again!

 

 

0 Kudos
the_rock
Legend
Legend

vpn debug trunc (rotates vpn debug files)

vpn debug ikeon

-leave it on for few mins

vpn debug ikeoff

check $FWDIR/log dir

Joe_Kanaszka
Collaborator

Thanks man. I’ll give it a shot. I don’t think I was leaving it on long enough. 

0 Kudos
the_rock
Legend
Legend

Just ued ikeview I sent you to open ike.elg file from customer's R81.20 fw we generated 2 weeks ago or so and worked like a charm, no issues.

Andy

0 Kudos
Timothy_Hall
Champion Champion
Champion

Be aware that IKE debugs are written to different files depending on which version of IKE is in use.  IKEv1 is ike.elg, IKEv2 is ike2.xmll usually, but could also be legacy_ike2.xmll.  If you are opening the correct file(s) my guess would be some kind of output format change in the debug that ikeview does not understand, particularly if you are running the more recent versions of gateway code that moved the IKE negotiation function out of the very old vpnd and into the new iked.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82

    Tue 23 Apr 2024 @ 11:00 AM (EDT)

    East US: What's New in R82

    Thu 25 Apr 2024 @ 11:00 AM (SGT)

    APAC: CPX 2024 Recap

    Tue 30 Apr 2024 @ 03:00 PM (CDT)

    EMEA: CPX 2024 Recap

    Thu 02 May 2024 @ 11:00 AM (SGT)

    APAC: What's new in R82
    CheckMates Events