[x]

IPsec commands > ipsec logging packet enable

 

 Next

ipsec logging packet enable

Use ipsec logging packet enable to enable logging for IPsec packets.

Use undo ipsec logging packet enable to disable logging for IPsec packets.

Syntax

ipsec logging packet enable

undo ipsec logging packet enable

Default

Logging for IPsec packets is disabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After logging for IPsec packets is enabled, the device outputs a log when an IPsec packet is discarded. IPsec packets might be discarded due to lack of inbound SA, AH/ESP authentication failure, or ESP encryption failure. A log contains the source and destination IP addresses, SPI, and sequence number of the packet, and the reason it was discarded.

Examples

# Enable logging for IPsec packets. 

<Sysname> system-view
[Sysname] ipsec logging packet enable

prev

 

up

 next

ipsec limit max-tunnel 

home

 ipsec profile

© Copyright 2018 Hewlett Packard Enterprise Development LP