Answer the question
In order to leave comments, you need to log in
VPN/IPsec connection diagnostics
There was such a task that it is necessary to forward a tunnel between two VPN / IPsec networks.
On our side, the network is behind a D-Link DFL-210 router. We tried many configuration options, all sorts of manuals - the tunnel does not want to work.
Somehow it was possible, at the beginning, to successfully pass phase 1 of the connection, and then, after the game, with the settings, even it stopped being installed. On the other side, configuration errors are also not ruled out.
And the question is not about specific settings. :-) Interested in how you can find out what exactly is the connection error? Maybe there is some diagnostic software for VPN/IPsec. It's some kind of dark forest. There is nothing useful in the router logs. You can SSH into the router, but that doesn't help much.
Answer the question
In order to leave comments, you need to log in
try tftpd . It can work as a syslog server
, IPSec almost always has problems with NAT, and if it exists between routers, then this may be the problem
1.if there is access via ssh, then in theory you can see something in \var\log.
2. try to switch the built-in syslog server to show all messages (Debug)
try to enable debug ipsec on both sides, maybe it will show what is the reason.
Here's something I don't understand.
On the one hand DFL-210.
On the other hand, what? IPSEC demon?
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question