Tuesday, September 3, 2013

Fortigate VPN Debug log filter for IKE

During debugging VPN on Fortigate you may see logs from other active VPN's as well and if you running your firewall in MSP environment and have multiple customers hosted and they have VPN's then its not your good day...!!

Use below filters to make your life easy when debugging VPN IKE on Fortigates

diag  vpn ike  log-filter ?
clear        erase the current filter
dst-addr4    the IPv4 destination address range to filter by
dst-addr6    the IPv6 destination address range to filter by
dst-port     the destination port range to filter by
interface    interface that IKE connection is negotiated over
list         display the current filter
name         the phase1 name to filter by
negate       negate the specified filter parameter
src-addr4    the IPv4 source address range to filter by
src-addr6    the IPv6 source address range to filter by
src-port     the source port range to filter by
vd           index of virtual domain. -1 matches all

Once the filter is in place, you can then run debug using below command;

diag debug application ike -3


  1. This comment has been removed by a blog administrator.

  2. The VPN industry has been, up until recently, largely a business services industry. And because of this, the average consumer may find shopping for a personal VPN service in 2012 just a little intimidating. Here's what a person needs to keep in mind when selecting a personal VPN service. Best VPN

  3. Thank you again for all the knowledge you distribute,Good post. I was very interested in the article, it's quite inspiring I should admit. I like visiting you site since I always come across interesting articles like this one.Great Job, I greatly appreciate that.Do Keep sharing! Regards, avast secure line reviews

  4. Superbly written article, if only all bloggers offered the same content as you, the internet would be a far better place.. nord vpn free trial

  5. Thanks for sharing this valuable content. In my view, if all webmasters and bloggers made good content as you did, the web will be a lot more useful than ever before. https://aquafiltermag.com/