Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

What Information Should Be Collected for a Dial-UP VPN That Won't come up?

0

0

Article ID: KB9395 KB Last Updated: 02 Sep 2010Version: 5.0
Summary:

This document will assist you in gathering the required information to help resolve a problem with establishing a VPN Tunnel through your NetScreen Remote VPN Client. Collecting this information will help Technical support discover the cause of the problem.

Symptoms:

After going through the steps in one of the following Troubleshooting documents, and the VPN continues to fail, which logs are needed to further troubleshoot the issue?

Capturing logs could be required to further troubleshoot VPN issues. Collecting the information listed below will help towards identifying the cause of the issue
Solution:

The logs needed to further troubleshoot a VPN issue are:

  • From the Firewall:
    • get tech
    • get event
    • get ike cookie
    • get sa
  • From the NetScreen Remote Client:
    • The .spd file from the NetScreen Remote Client
    • The NetScreen Remote Client Log Viewer file

 

Follow the instructions below to capture the data:

Logs from the Juniper Firewall:

  1. Log in to the Juniper firewall, either by Telnet or a terminal software over the Console port. For assistance, see KB6011 - How to Setup a Serial Console Connection to the NetScreen's Communications Port Using Hyperterminal.
  2. Turn on the text capture feature of your Telnet or terminal software.  For assistance, see KB6206 - How do I save the console or screen data from a telnet session?
  3. Issue the following commands:
    • set console page 0 (this command disables the "more" option)
    • get tech
    • get ike cookie
    • get sa
    • set console page 22
    • get event (only the first four or five pages are needed)
  4. Save the captured data to a file. 

Logs from the NetScreen Remote Client:

  1. Save the NetScreen Remote's .spd file:
    1. At the Security Policy Editor, click on File -> Export Security Policy.  This will display the Export Policy To... window.
    2. Save the policy to the PC's hard drive by naming the file and selecting a location to save it.  Make sure the policy is unlocked. 
    3. Click Export.
  2. Save the Log Viewer file:
    1. Right click on the NS-Remote's icon in the PC's System Tray.
    2. Left click on Log Viewer
    3. Click on Save Log.  This will bring up the Save As window.
    4. Give the file a name, leaving the extension as .log, and save it to the PC's hard drive.
Once the data has been collected, open a case by either calling in to Juniper Networks Technical Assistance Center at 888-314-JTAC (5822) or login to the Case Management tool via the Juniper support site at: Case Management and click on the "Create a Case" link.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search