Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
AkosBakos
Advisor
Jump to solution

ike.elg file empty after ike debug

Hi All,

I bumped into a strange thing during vpn debugging:

after

#vpn debug trunc
#vpn debug ikeon

reproducate the issue: eg. deleting the tunnel with #vpn tu and rebuild it

#vpn debug ikeoff

I see only one row in the ike.elg file : "ike degug started" nothing more.

the vpnd.elg contains data

GW version: R80.40 JHF48

Have somebody such experience?

BR

Akos

----------------
\m/_(>_<)_\m/
0 Kudos
1 Solution

Accepted Solutions
Timothy_Hall
Legend Legend
Legend

ike.elg will only contain traces from IKEv1 activity.  If you are using IKEv2 for the Cisco tunnel the file you need to look in is ikev2.xmll.  The Windows ikeview utility can read and decode either file: sk30994: What is the IKEView utility?

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

View solution in original post

0 Kudos
6 Replies
the_rock
Legend
Legend

If its empty, it indicates there is not even an attempt at all. Try below:

vpn debug ikeon

test the connection

vpn debug ikeoff

 

Check ike.elg file. Maybe not a bad idea to run watch -d $FWDIR/log/ike.elg command on duplicate ssh window, just to see if size is increasing.

What is the tunnel? CP to Cisco, PAN, Fortinet, something else? New setup, old, ever worked before?

Andy

0 Kudos
AkosBakos
Advisor

Hi Andy,

  • New setup
  • CP to Cisco
  • If the Cisco initiates the tunnel -> ok
  • If the CP initiates the tunnel -> I see the ougoing packet but Cisco side does not receive it

Therefore I want to do an ike debug but I bumped into this strange behaviour 😕

ike.elg is always empty except that one line

Br 

A

 

----------------
\m/_(>_<)_\m/
0 Kudos
the_rock
Legend
Legend

Message me privately and we can setup remote session.

 

Andy

0 Kudos
AkosBakos
Advisor

Hi Andy,

Thank you.

Strange situation, but customer does not allow remote session at all.

So only tips are allowed. 

A

----------------
\m/_(>_<)_\m/
0 Kudos
Timothy_Hall
Legend Legend
Legend

ike.elg will only contain traces from IKEv1 activity.  If you are using IKEv2 for the Cisco tunnel the file you need to look in is ikev2.xmll.  The Windows ikeview utility can read and decode either file: sk30994: What is the IKEView utility?

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
AkosBakos
Advisor

Hi Timothy,

Yes, that is the problmem. Only one word come into my mind at the moment: "RTFM" 🙂

Thanks,

A

----------------
\m/_(>_<)_\m/
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events