Troubleshooting Commands - HP ProCurve Secure Router 7203 dl Advanced Management And Configuration Manual
Secure router
Hide thumbs
Also See for ProCurve Secure Router 7203 dl:
- Configuration manual (1114 pages) ,
- Reference manual (1455 pages) ,
- Product end-of-life disassembly instructions (2 pages)
Table of Contents
Advertisement
Virtual Private Networks
Troubleshooting a VPN That Uses IPSec
N o t e
8-74
the local router's settings for this VPN connection exactly match those of the
peer. If you are unable to learn the peer's settings, you can try using default
settings to connect to the peer in the fifth step.
Troubleshooting Commands
The tools you will use as you follow this procedure are the show and debug
commands, which are enable mode commands. Preface the commands with
the do keyword to execute them from the configuration mode contexts so that
you can fix problems while you troubleshoot.
You can use the show commands displayed in Table 8-22 on page 8-72 to view:
IKE and IPSec SAs
IKE policies
transform sets
crypto maps
remote ID and preshared key list
client configuration pools
ACLs
Debug commands display messages in real-time as they are received on the
router. The debug messages displayed when you enter the commands shown
in Table 8-23 give you valuable information about the IKE process.
Debug messages are processor-intensive and can seriously degrade network
performance. Take care when using debug commands.
Table 8-23. VPN debug Commands
View
all IKE debug messages
IKE key management messages (i.e. IKE
phase 1 and 2)
IPSec debug messages (messages received
after the tunnel has been established)
digital certificate messages
IKE client configuration messages
Xauth messages
Command Syntax
debug crypto ike
debug crypto ike negotiation
debug crypto ipsec
debug crypto pki
debug crypto ike client configuration
debug crypto ike client authentication
Advertisement
Chapters
Table of Contents
Troubleshooting
