Checkpoint IKE Debug

This guide assumes you have Checkpoint running on an IPSO nokia platform and are familiar with debugging the platforms.

Logon to the firewall (using your PuTTY client & SSH v2) as admin and enter expert mode.

Run the following commands:

cd /$FWDIR/log

vpn debug ikeon

The logging of phase1 (IKE) & phase2  (IPSEC) are recorded within the ike.elg file that will populate in the directory you’re in.

To analyse the debug, use IKEView which we’ve discussed on another post.