Basic Dynamic-VPN troubleshooting commands

1- Setup the traceoptions

# set security ike traceoptions file ike-debug

# set security ike traceoptions flag all

# set security ipsec traceoptions flag all

# commit

# run clear log ike-debug

2- Now try to connect and run this show command 

# run show log ike-debug | match ike

————————————————————————–

Clearing the Token Info

1- run the shell, and execute this command :

admin@Abed> start shell

% rm -rf /var/db/dynamic-vpn-ipsec/tokens-info

% cli

2- Now, restart the web-management

admin@Abed> restart web-management

Web management gatekeeper process started, pid 8500

————————————————————————–

# set system processes general-authentication-service traceoptions flag all

#commit

> show log authd

————————————————————————–

restart ipsec-key-management

————————————————————————–

clear security dynamic-vpn ? << all/user >>

————————————————————————–

I recomment those three websites !

http://chimera.labs.oreilly.com/books/1234000001633/ch10.html

http://rtoodtoo.net/jncie-sec-traceoptions-ipsec-troubleshooting/

http://itzecurity.blogspot.co.il/2013/08/vpn-configuration-and-troubleshooting.html

Good Luck 🙂

By: Abed AL-R. Bishara

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s