Juniper SRX Commands (VPN TSHOOT) (Important)

To see the Phase 1 (IKE) and Phase 2 (IPsec) status of VPNs:
user@host> show security ike security-associations
user@host> show security ike active-peer

user@host> show security ipsec security-associations

To see the reason for tunnel inactivity:
user@host> show security ipsec inactive-tunnels

Configure syslog to display VPN status messages:
# set system syslog file kmd-logs daemon info
# set system syslog file kmd-logs match KMD
# commit

To see these VPN logs:
> show log kmd-logs

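To check a specific SA in detail, take its index from the summary output and substitute it for the index values shown below:
> show security ike security-associations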
> show security ike security-associations index 3654851 detail
> show security ipsec security-associations
> show security ipsec security-associations index 131081 detail
> show configuration | display set | match VPN_to_PEER_FIREWALL
> show security ipsec security-associations index 131081
> show security ipsec statistics index 131081
> show security ipsec security-associations index 131081 detail
