ZyXEL Communications P-334WT Technické informace stáhnout pdf (Strana 169)

● Using CI command 'ipsec debug 1'

Please enter 'ipsec debug 1' in Menu 24.8. There should be lots of detailed messages printed out to show how negotiations are taken

place. If IPSec connection fails, please dump 'ipsec debug 1' for our analysis. The following shows an example of dumped

messages.

P-334WT> ipsec debug 1

IPSEC debug level 1

P-334WT> catcher(): recv pkt numPkt<1>

get_hdr nxt_payload<1> exchMode<2> m_id<0> len<80>

f76af206 b187aae3 00000000 00000000 01100200 00000000 00000050 00000034

00000001 00000001 00000028 01010001 00000020 01010000 80010001 80020001

80040001 80030001 800b0001 800c0e10

In isadb_get_entry, nxt_pyld=1, exch=2

New SA

In responder

isadb_create_entry(): RESPONSOR:

##entering spGetPeerByAddr...

4. View Log

To view the log for IPSec and IKE connections, please enter menu 27.3, View IPSec Log. The log menu is also useful for

troubleshooting please capture to us if necessary. The example shown below is a successful IPSec connection.

Index: Date/Time: Log:

------------------------------------------------------------

001 01 Jan 10:23:22 !! Cannot find outbound SA for rule <1>

002 01 Jan 10:23:22 Send Main Mode request to <168.10.10.66>

003 01 Jan 10:23:22 Send:<SA>

004 01 Jan 10:23:22 Recv:<SA>

005 01 Jan 10:23:24 Send:<KE><NONCE>

006 01 Jan 10:23:24 Recv:<KE><NONCE>

007 01 Jan 10:23:26 Send:<ID><HASH>

008 01 Jan 10:23:26 Recv:<ID><HASH>

009 01 Jan 10:23:26 Phase 1 IKE SA process done

010 01 Jan 10:23:26 Start Phase 2: Quick Mode

011 01 Jan 10:23:26 Send:<HASH><SA><NONCE><ID><ID>

012 01 Jan 10:23:26 Recv:<HASH><SA><NONCE><ID><ID>

013 01 Jan 10:23:26 Send:<HASH>

Clear IPSec Log (y/n):

1 2 ... 164 165 166 167 168 169 170 171 172 173 174 ... 294 295

Žádné komentáře

ZyXEL Communications P-334WT Technické informace Strana 169