What information should I collect for a Site-to-Site VPN that won’t come up? (KB ID: KB9229)
| Article ID: | KB9229 |
|---|---|
| Former Article ID: | |
| Published: | Dec 19, 2006 |
| Last Modified: | Dec 19, 2006 |
| Visible By: | Employee, PTAC, Partner, Customer, Public |
Back to Previous Page | Knowledge Base Home
Article URL
Synopsis
What information should I collect before I open a case for a VPN that won’t come up? What logs or files will assist the Juniper Networks Technical Assistance Center (JTAC) with troubleshooting a Site-to-Site VPN?
Capturing logs could be required to further troubleshoot VPN issues. Collecting the information listed below will help towards identifying the issue.
Problem
After following the steps in KB9221 - How to Troubleshoot a Site-to-Site VPN that won’t come up and the VPN continues to fail, which logs are needed to further troubleshoot the issue?
Solution
get techget eventget ike cookieget sa
Capture the above information on each Juniper product.
- Log on to your Juniper device, either by Telnet or a terminal software over the Console port. For assistance, see KB6011 - How to Setup a Serial Console Connection to the NetScreen's Communications Port Using Hyperterminal.
- Turn on the text capture feature of your Telnet or terminal software. For assistance, see KB6206 - How do I save the console or screen data from a telnet session?
- Issue the following commands;
set console page 0(this command disables the "more" option)get techget ike cookieget saset console page 22get event(only the first four or five pages are needed)
- Save the captured data to a file.
Category Description
By Product » Hardware » Firewalls
By Product » Hardware » Firewalls » NetScreen Firewall/IPSec VPN
By Product » Software » Network Operating Systems
By Product » Software » Network Operating Systems » ScreenOS Software
Purpose