Created on 07-02-2009 11:42 AM
To gather information for troubleshooting IKE issues, use the following CLI Command.
diag debug application ike <level> [ <ip-address> ]
Example output:
diag debug appli ike -1 message in MR6 with the group2 vpl file
remoteGroup1: Responder: sent 192.168.11.106 main mode message #2 (OK)
0: comes 192.168.11.106:60890->192.168.11.105:4500,ifindex=3....
0: exchange=Identity Protection id=8aa1bd9e4f1990dd/68d6b6f72064e896 len=92
0:remoteGroup1:5: responder: main mode get 3rd message...
0:remoteGroup1:5: unable to parse msg
remoteGroup1: Responder: parsed 192.168.11.106 main mode message #3 (ERROR)
0:remoteGroup1:5: sent IKE msg (P1_RETRANSMIT): 192.168.11.105:500->192.168.11.106:60890, len=284
0:remoteGroup1:5: sent IKE msg (P1_RETRANSMIT): 192.168.11.105:500->192.168.11.106:60890, len=284
0: comes 192.168.11.106:60890->192.168.11.105:4500,ifindex=3....
0: exchange=Identity Protection id=8aa1bd9e4f1990dd/68d6b6f72064e896 len=92
0: found remoteGroup1 192.168.11.105 3 -> 192.168.11.106:60890
0:remoteGroup1:5: responder: main mode get 3rd message...
0:remoteGroup1:5: unable to parse msg
remoteGroup1: Responder: parsed 192.168.11.106 main mode message #3 (ERROR)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.