mirror of
https://github.com/yuriskinfo/cheat-sheets.git
synced 2025-12-24 06:28:18 +01:00
29 lines
837 B
Plaintext
29 lines
837 B
Plaintext
= Fortigate debug and diagnose commands complete cheat sheet
|
|
Yuri Slobodyanyuk <admin@yurisk.info>
|
|
v1.0, 2020-09-01
|
|
:homepage: https://yurisk.info
|
|
|
|
|
|
NOTE: To enable debug set by any of the commands below, you need to run *diagnose debug enable*. This is assumed and not reminded any further.
|
|
|
|
== IPSEC VPN debug
|
|
|
|
.IPSEC VPN Debug
|
|
[cols=2*,options="header"]
|
|
|===
|
|
|Command
|
|
|Description
|
|
|
|
|*diagnose debug application ike -1*
|
|
| Enable IPSec VPN debug, shows phase 1 and phase 2 negotiations (for IKEv1) and everything for IKEv2.
|
|
"-1" sets the verbosity level to maximum, any other number will show less output.
|
|
|
|
|*diagnose vpn ike gateway flush name <vpn_name>*
|
|
|Flush (delete) all SAs of the given VPN peer only.
|
|
|
|
|
|
|*get vpn ipsec stats tunnel*
|
|
| Show short general statistics about tunnels: number, kind, number of selectors, state
|
|
|
|
|===
|