Feature request: a LISA ("Log Interpretation System & Action") to make live easier :)
-
Hi all,
I am new to the whole VPN thing and it took me a day to get my first IPsec VPN up and running, so many little things, so many log files.
The pages about Virtual Private Networks and Troubleshooting IPsec VPNs are really helpful and should be read up front
But I am wondering, why do we need those written troubleshooting pages, why are we slaves to the endless log files?
Feature request: a LISA (Log Interpretation System & Action)
Marketing speak: "The LISA (Log Interpretation System & Action) is a brand new feature of pfSense, it abstracts log files, filters relevant information, presents it to the user with context, recommendations and actions".
Some examples of LISA when a user is trying to set up and connect an IPsec VPN:
-
"pfSense can not connect to the remote gateway IP address (1.2.3.4). Please ensure 1) the IP address (1.2.3.4) is correct, 2) you enabled the relevant in-coming and outgoing connections in the firewall <Click here to automatically create the rules>, 3) the remote gateway has enabled your IP in their firewall"
-
"pfSense discovered a NO_PROPOSAL_CHOSEN error. Please make sure both sides of the VPN share a common hash algorithm for IPsec Phase 1. You enabled "SHA256", the remote side only "SHA1".
-
"pfSense discovered an AUTHENTICATION_FAILED error. Please make sure your PSK ("Pre-Shared Key") of IPsec Phase 1 are identical with the remote side."
-
"pfSense discovered a INVALID_ID_INFORMATION error. Please ensure your network settings in IPsec Phase 2 (Local: 1.2.3.4, Remote:5.6.7.8/16) are identical with the remote side."
-
"pfSense discovered the remote IPsec internal IP is not reachable. Please ensure the firewall for IPsec is configured accordingly. <Click here to enable any connection on the IPsec network for testing>"
Just some food for thought, open for discussion. I started with LIS, now it became LISA
Cheers
bluepuma -