For "iked -v" I just get Jan 6 11:18:50 gate5a iked[58866]: ikev2_init_ike_sa: initiating "gate5_example" Jan 6 11:18:50 gate5a iked[58866]: spi=0x025c1289fdf74141: send IKE_SA_INIT req 0 peer 10.7.48.92:500 local 192.168.142.10:500, 278 bytes Jan 6 11:18:50 gate5a iked[58866]: spi=0x025c1289fdf74141: recv IKE_SA_INIT res 0 peer 10.7.48.92:500 local 192.168.142.10:500, 232 bytes, policy 'gate5_example' Jan 6 11:18:50 gate5a iked[58866]: spi=0x025c1289fdf74141: send IKE_AUTH req 1 peer 10.7.48.92:4500 local 192.168.142.10:4500, 240 bytes, NAT-T Jan 6 11:18:50 gate5a iked[58866]: spi=0x025c1289fdf74141: recv IKE_AUTH res 1 peer 10.7.48.92:4500 local 192.168.142.10:4500, 128 bytes, policy 'gate5_example' Jan 6 11:18:50 gate5a iked[58866]: spi=0x025c1289fdf74141: ikev2_init_recv: failed to negotiate IKE SA Jan 6 11:18:50 gate5a iked[58866]: spi=0x025c1289fdf74141: sa_free: no proposal chosen (IKE SA)
For -v -v -v it gets more verbose, but only if you actually use these flags and don't forget to restart iked. Sorry, my bad. ________________________________________ From: Tobias Heider <tobias.hei...@stusta.de> Sent: Monday, January 6, 2025 23:40 To: Harald Dunkel Cc: misc Subject: Re: iked show the proposals for phase 1 and phase 2, please? [You don't often get email from tobias.hei...@stusta.de. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] On Mon, Jan 06, 2025 at 03:16:08PM GMT, Harald Dunkel wrote: > Hi folks, > is there some hidden feature to tell iked to show the proposals of both peers > in the log file, esp if phase 1 or 2 fails with "no proposal chosen"? That > would > help a lot. > > By now I have tried iked -d -v -v -v in vain. Pretty sure it should show the configured and received proposals in that case, especially with -v. It would be easier to help if we had a log and configs to look at. > > Thank you very much > Harri > District Court Aachen - HRB 8057 > Management Board: Arnaud Picut (CEO), Hicham El Bonne (CTO) > Chairman of the Supervisory Board: Benjamin Carl Lucas > District Court Aachen - HRB 8057 Management Board: Arnaud Picut (CEO), Hicham El Bonne (CTO) Chairman of the Supervisory Board: Benjamin Carl Lucas
