VPN/IPsec connection diagnostics

E

Exvel2011-10-10 08:29:42

VPN

Exvel, 2011-10-10 08:29:42

There was such a task that it is necessary to forward a tunnel between two VPN / IPsec networks.
On our side, the network is behind a D-Link DFL-210 router. We tried many configuration options, all sorts of manuals - the tunnel does not want to work.
Somehow it was possible, at the beginning, to successfully pass phase 1 of the connection, and then, after the game, with the settings, even it stopped being installed. On the other side, configuration errors are also not ruled out.

And the question is not about specific settings. :-) Interested in how you can find out what exactly is the connection error? Maybe there is some diagnostic software for VPN/IPsec. It's some kind of dark forest. There is nothing useful in the router logs. You can SSH into the router, but that doesn't help much.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

C

cthtuf, 2011-10-10
@exvel

try tftpd . It can work as a syslog server
, IPSec almost always has problems with NAT, and if it exists between routers, then this may be the problem

S

smartlight, 2011-10-10
@smartlight

1.if there is access via ssh, then in theory you can see something in \var\log.
2. try to switch the built-in syslog server to show all messages (Debug)

T

Timofey Pedko, 2011-10-11
@tpedko

try to enable debug ipsec on both sides, maybe it will show what is the reason.

S

space_monkey, 2011-10-10
@space_monkey

Here's something I don't understand.
On the one hand DFL-210.
On the other hand, what? IPSEC demon?