This article explains the new Ipsec debug options intruduced in UTM v9
Known to apply to the following Sophos product(s) and version(s)
Sophos UTM v9
What To Do
In UTM v9 there are some changes in the debug options for IPsec (Site-to-Site or Remote Access). Here is a list of the new options and the purpose:
- Control Flow: Displays control messages of IKE state. This option will give some basic debug information in that case the tunnel doesn't come up.
- Inbound Packets: Displays content of incoming IKE messages. This option will give some more information about the incominig IKE packets from the remote site.
- Outbound Packets: Displays the content of outgoing IKE messages. This option will give some more information about the IKE packets the UTM is sending to the remote site
- Kernel Messages: Displays kernel related messages (only for support debug)
- High Availability: Displays HA/Cluster related messages (only for support debug)