pfSense English Support > IPsec

How to read a IPSec-Log

(1/3) > >>


we have approx 40 VPN-Tunnels. Since upgrade to strongswan ist isn't possible to separate the log entires to its VPN-Tunnel.
With Racoon in each entry the vpn description was included.

At this point I can't use this log for troubleshooting.
Is there an option like firewall log (rule) to add a column or something else?


I'm the only one with this problem?

No, you are not the only one. The logs are absolutely useless flood of junk even with loglevel dropped to absolute minimum. The upstream guys need a heavy hit with a cluebat.


--- Quote from: Ruddimaster on April 01, 2015, 02:44:36 am ---I'm the only one with this problem?

--- End quote ---

You are not the only one, but I know it certainly seems like it sometimes. The racoon logs were great, whereas the new logs are useless.

Our log display code showed the associated tunnel by the IP in racoon's logs. The challenge with strongswan's logs is it doesn't necessarily have the IP in relevant lines nor any other way of differentiating easily. There's a ticket or two open in this area to help things here in the future where we can.


[0] Message Index

[#] Next page

Go to full version