IPSEC Logging
-
I've managed to get the IPSEC logs on 2.2.4 to look similar to the logs in 2.1.5 by setting the following in Advanced settings:
SA Manager - Control
IKE SA - Control
IKE Child SA - Control
Job Processing - ControlAll the rest I leave as silent. Click Save and there is no need to re-start the IPSEC service.
This duplicates each log entry but gets rid of all of the DPD traffic being logged.
My main problem is that the settings don't persist a re-boot. I gather that this is because it it putting IPSEC in debug mode, so after a re-boot you have to go back to VPN > IPSEC > Advanced Settings and click Save for the logging to follow the settings on screen. Is there anyway to set the default logging options so that you don't have to start IPSEC in Debug mode?
Also is there any way to remove the duplicate log entries?
Regards
Peter
PS: I really miss the [P1 Description] near the beginning of each line! :'(
-
I've now upgraded to 2.2.5 and the IPSEC logging seems to work slightly differently.
To stop all of the DPD traffic logging I've had to set the following Logging Levels in IPSEC Advanced settings to Audit from the default of Control:
IPSEC SA
Networking
Message EncodingAlso, the settings are now preserved between re-boots.
Is there anyway to get the IPSEC logging to show [P1 Description] (like pre 2.2) as this would make reading the log a lot easier?
Regards
Peter