Prestige 661H/HW Series User’s Guide
Appendix H VPN Setup 476
IPSec Debug
If you are having difficulty building an IPSec tunnel to a non-ZyXEL IPSec router, advanced
users may wish to examine the IPSec debug feature (Menu 24.8).
Figure 304 IKE/IPSec Debug Example
Use a VPN Tunnel
A VPN tunnel gives you a secure connection to another computer or network. The VPN
Status screen displays whether or not your VPN tunnel is connected. Example VPN tunnel
uses are securely sending and retrieving files, and accessing corporate network drives, web
servers and email. Services work as if you were at the office instead of connected through the
Internet.
ras> ipsec debug
type level display
ras> ipsec debug type
<0:Disable | 1:Original on|off | 2:IKE on|off | 3: IPSec [SPI]|on|off |
4:XAUTH on|off | 5:CERT on|off | 6: All>
ras> ipsec debug level
<0:None | 1:User | 2:Low | 3:High>
ras> ipsec debug type 1 on
ras> ipsec debug type 2 on
ras> ipsec debug level 3
Copyright (c) 1994 - 2004 ZyXEL Communications Corp.
ras> ipsec dial 1
Start dialing for tunnel <rule# 1>...
ikeStartNegotiate(): saIndex<0>
peerIp<xxx.xxx.xxx.xxx> protocol: <NONE>(0)
peer Ip <xxx.xxx.xxx.xxx> initiator(): type<IPSEC_ESP>, exch<Main>
initiator:
protocol: IPSEC_ESP, exchange mode: Main mode find_ipsec_sa():
find ipsec saNot found
Not found isadb_is_outstanding_req():
Send event to LBN task for DH processLBN task proc event <DH param req>
Main Mode processing done successfully, state=MM wait DH param.
LBN task proc event <DH param req>genDHParameters(): dh_len=96
gen DH Parameters: dh_len=96 GenRand: A(secret_val)
GenRand: A(secret_val) done
done lbnTwoExpMod(): elen=48, mlen=48
...
...
Tunnel built successfully!!!
