User`s guide
204
IKE
Configuration - Network > Virtual Private Networking (VPN) > IPsec > IKE
The Configuration - Network > Virtual Private Networking (VPN) > IPsec > IKE
folder opens to list configuration pages for IKE 0 and IKE 1 with a separate page for IKE
Responder. The IKE 0 instance can be used as an IKE “initiator” or as an IKE “responder”
whereas IKE 1 can only be used as an initiator. The IKE 0 and IKE 1 pages are therefore
used to set up the IKE 0 and IKE 1 initiator parameters as required. The IKE Responder
page is used to set up the responder parameters for IKE 0.
IKE Debug
Configuration - Network > Virtual Private Networking (VPN) > IPsec > IKE> IKE
Debug
Enable IKE Debug
Enables IKE debugging to be displayed on the debug port.
Debug Level
Sets the level of IKE debugging. The options are:
• Low
• Medium
• High
• Very High
Debug IP Address Filter
This parameter is used to filter out IKE packets with particular source or destination IP
addresses. The format of this parameter is a comma-separated list of IP addresses. For
example, you may wish to exclude the capture of IKE traffic from IP hosts 10.1.2.3 and
10.2.2.2. This can be done by entering “10.1.2.3,10.2.2.2” for this parameter.
Conversely, you may wish to only capture traffic to and from particular IP hosts. To do this,
use a tilde (~) symbol before the list of IP addresses. For example, to only capture packets
to and from IP host 192.168.47.1, enter “~192.168.47.1” for this parameter.
Forward debug to port
When enabled, the IKE debug is sent to debug serial port.
Related CLI Commands
Entity
Instance
Parameter
Values
Equivalent Web Parameter
ike 0 deblevel
0 = Off
1 = Low
2 = Medium
3 = High
4 = Very High
Debug Level
ike 0 ipaddfilt
Comma separated
list of IP addresses
Debug IP Address Filter