Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Nick_Doropoulos
Advisor

vpn debug off TDERROR_ALL_ALL=0

I recently noticed that when trying to turn off vpn debug off TDERROR_ALL_ALL=0 it doesn't really work (see screenshot attached).

 

The gateway is R80.10 and sks such as sk84561 definitely recommend the tried syntax. 

 

Has anybody seen this before?

 

Thanks.

 

 

0 Kudos
6 Replies
G_W_Albrecht
Legend Legend
Legend

sk63560 - How to run complete VPN debug on Security Gateway to troubleshoot VPN issues? gives:

Enable VPND and IKE debug:

[Expert@HostName]# vpn debug trunc
[Expert@HostName]# vpn debug on TDERROR_ALL_ALL=5

---

Stop VPND and IKE debug:

[Expert@HostName]# vpn debug off
[Expert@HostName]# vpn debug ikeoff

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Nick_Doropoulos
Advisor

So would I be right to assume that vpn debug off TDERROR_ALL_ALL=0 is "discontinued" and that vpn debug off is to be used? sk89940 also refers to vpn debug off TDERROR_ALL_ALL=0 so unless my syntax is wrong or I'm missing a hotfix the documentation should be updated?

0 Kudos
Timothy_Hall
Legend Legend
Legend

Anytime you invoke a debug command like this with TDERROR_ALL_ALL=5, you should always include TDERROR_ALL_ALL=0 when you turn it back off.  Failure to do so seems to still leave some extra debugging enabled, have noticed this effect with fwm in particular.

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Nick_Doropoulos
Advisor

That's what I thought but it obviously didn't work for me so I was wondering whether I was doing something wrong or whether the said way of turning vpn debugging off is discontinued.

0 Kudos
Timothy_Hall
Legend Legend
Legend

In your original post you said you were using "vpn debug off TDERROR_ALL_ALL=5" which is incorrect.  The SK you reference uses "vpn debug off TDERROR_ALL_ALL=0" which is correct.  Even after running this latter command, there will still be some slight debugging dumped into $FWDIR/log/vpnd.elg by default, even if debug has been properly disabled.

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Nick_Doropoulos
Advisor

I think I mistyped the original question which I will rectify now but if you look at the screenshot attached you can see what I mean.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events