Tracing IPsec Operations

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Trace operations track IPsec events and record them in a log file in the /var/log directory. By default, this file is named /var/log/kmd.

To trace IPsec operations, include the traceoptions statement at the [edit services ipsec-vpn] hierarchy level:


            
               [edit services ipsec-vpn]
               traceoptions {
               
               file <filename> <files number> <match regular-expression> <size bytes> <world-readable |
                  no-world-readable>;
               
               flag flag;
               
               no-remote-trace;
               }

You can specify the following IPsec tracing flags:

all—Trace everything.
certificates—Trace certificates events.
database—Trace security associations database events.
general—Trace general events.
ike—Trace IKE module processing.
parse—Trace configuration processing.
policy-manager—Trace policy manager processing.
routing-socket—Trace routing socket messages.
snmp—Trace SNMP operations.
timer—Trace internal timer events.

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]