Secure Computing ADMINGUIDEREVA Guide de l'utilisateur télécharger pdf (Page 78)

Sidewinder troubleshooting commands

A-4 Troubleshooting

that the selected connection has established SAs.

 To view Authentication (Phase 1) security associations negotiated

by IKE, click the Phase 1 tab.

 To view Key Exchange (Phase 2) security associations negotiated

by IPSec, click the Phase 2 tab.

Sidewinder

troubleshooting

commands

In addition to standard logging, the Sidewinder also performs auditing

of certain system events which allows you to generate information on

VPN connections. Table A-1 shows some useful commands you can

use to track VPN connections in real-time mode and check VPN

settings/configuration.

Table A-1. Basic Sidewinder VPN troubleshooting commands

Commands

tcpdump -npi ext_interface port 500 proto 50

To show IPSEC and ESP traffic arriving at the firewall

cf ipsec q

To review VPN policies on Sidewinder console

cf ipsec policydump

To determine if VPN is active

showaudit -v

To show detailed audit trace information for VPN.

1 2 ... 73 74 75 76 77 78 79 80

Pas de commentaire

Secure Computing ADMINGUIDEREVA Guide de l'utilisateur Page 78