This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Joe_Kanaszka
Advisor
‎2023-11-17 11:23 AM

IKEView not displaying ike.elg captures?

Hey guys.  Any idea why IKEView is not showing my IKE capture logs?  I can view the info in notepad.  It shows only some captures and I can't figure out what the issue is?

 

I'm running the app on Win11.

 

Thank you.

 

 

 

Labels
0 Kudos
15 Replies
the_rock
Legend
Legend
‎2023-11-17 11:32 AM

Is it latest ikeview utility?

Andy

0 Kudos
Joe_Kanaszka
Advisor
‎2023-11-17 11:36 AM
In response to the_rock

I thought so?...Let me double check.  Yes.  appears to be latest one. Version 200.0.0.4.  

Isn't it supposed to be able to open all ike.elg files?

0 Kudos
the_rock
Legend
Legend
‎2023-11-17 11:38 AM
In response to Joe_Kanaszka

I know you cant send the actual ike file, but if you have random one that does not have any sensitive info, happy to try here.

Andy

Joe_Kanaszka
Advisor
‎2023-11-17 11:54 AM
In response to the_rock

Thanks man.  I can't inspect them right now but thank you.   Weird.  

0 Kudos
the_rock
Legend
Legend
‎2023-11-17 11:55 AM
In response to Joe_Kanaszka

You got it. One I sent you is definitely the latest one.

Andy

0 Kudos
the_rock
Legend
Legend
‎2023-11-17 11:36 AM

This is the one I use and never had that problem.

Andy

IKEView.zip
Joe_Kanaszka
Advisor
‎2023-11-17 12:02 PM
In response to the_rock

So it appears you can't open up iked.elg files.  ok.  Some captures I do not have anything but iked files.  

0 Kudos
the_rock
Legend
Legend
‎2023-11-17 12:04 PM
In response to Joe_Kanaszka

Correct...ONLY ike.elg

0 Kudos
Joe_Kanaszka
Advisor
‎2023-11-17 12:22 PM
In response to the_rock

  • Can an R81.20 gateway produce Ike.elg files?  
the_rock
Legend
Legend
‎2023-11-17 12:24 PM
In response to Joe_Kanaszka

Yes sir, 100%

Joe_Kanaszka
Advisor
‎2023-11-18 04:55 AM
In response to the_rock

Morning!  Quick question. How can I get my R81.20 gateway to generate Ike.elg logs?  Or is there a way to analyze Ike’s.elg files as easily?  

Thank you again!

 

 

0 Kudos
the_rock
Legend
Legend
‎2023-11-18 05:04 AM
In response to Joe_Kanaszka

vpn debug trunc (rotates vpn debug files)

vpn debug ikeon

-leave it on for few mins

vpn debug ikeoff

check $FWDIR/log dir

Joe_Kanaszka
Advisor
‎2023-11-18 06:58 AM
In response to the_rock

Thanks man. I’ll give it a shot. I don’t think I was leaving it on long enough. 

0 Kudos
the_rock
Legend
Legend
‎2023-11-17 12:33 PM
In response to Joe_Kanaszka

Just ued ikeview I sent you to open ike.elg file from customer's R81.20 fw we generated 2 weeks ago or so and worked like a charm, no issues.

Andy

0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2023-11-17 12:01 PM

Be aware that IKE debugs are written to different files depending on which version of IKE is in use.  IKEv1 is ike.elg, IKEv2 is ike2.xmll usually, but could also be legacy_ike2.xmll.  If you are opening the correct file(s) my guess would be some kind of output format change in the debug that ikeview does not understand, particularly if you are running the more recent versions of gateway code that moved the IKE negotiation function out of the very old vpnd and into the new iked.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events