(17 August 2012)Digging around in the event log:
General VPN information:
Confirm Phase 1:
Confirm Phase 2:
Get more details on the SA ID:
Running a debug:
Debug Flow Basic should return a detailed accounting of why the firewall is sending packets where, or why not.(
Source)
netscreen(M)-> get event include [peer ip]
netscreen(M)-> get vpn
netscreen(M)-> get ike cookie | i [remote peer ip]
netscreen(M)-> get sa | i [peer ip]
netscreen(M)-> get sa id 0x00000007
netscreen(M)-> set ff src-ip [local endpoint] dst-ip [remote endpoint] netscreen(M)-> undebug all netscreen(M)-> clear db netscreen(M)-> debug ike basic netscreen(M)-> debug flow basic netscreen(M)-> get db str
Source)
no comments |
post comment
Virtual Dave Megaplex:
- Home Page
- Planet Xdroop
- This wiki's start page
- Send Feedback To Dave
Click Here
(read this note about local search)Logged in Users: (0)
Recently Changed
Windows Updates Won't Install- Counting Processor Sockets
- gcc
- makeinfo build error
- Enable SSH
- Enable HTTPS
- Promote User To Administrator
- Iron Man
- Site to Site VPN
- dotfiles
- backup and restore
- Faking a secondary IP
- Site to Site VPN
- What Program Has This Port Open
- bind always returns SERVFAIL
- Factory Defaults
- Remote Admin Authentication Via Radius
- Can't reply to tickets
- date in ISO format
- Port Forwarding
- Changing HA Ports
- bind zone forwarding
- VHS Movies
- Notes
- nsupdate from linux
- Sort Senders
- Snapshot management
- SSH Public Key Access
- Can't Build agw
- wxPython can't find GStreamer
Editing: snipsnap-help, Image MacroInstalled 2 years and 131 days ago
Powered By
SnipSnap Version 1.0b1-uttoxeter
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.