Panasonic 8000 User Manual
Troubleshooting - vas, N0rtel
Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".
Table of contents
Document Outline
- N0RTEL
- 1
- AAA troubleshooting
- Contents
- Figures
- IPSec and IKE troubleshooting
- About this chapter
- 2.1 IPSec and IKE overview
- 2.2 Troubleshooting manual IPSec SA setup
- 2.3 Troubleshooting ISAKMP SA
- 2.4 Troubleshooting SA setup using an IPSec policy template
- 2.5 Troubleshooting NAT traversal in the IPSec tunnel
- 2.6 Troubleshooting GRE over IPSec or L2TP over IPSec
- 2.7 Troubleshooting cases
- 2.8 FAQs
- Q: In an unstable network, SAs cannot be set up or SAs are set up but the communication between peers fails although the ACLs have matching security proposals. Why?
- Q. During IPSec debugging, the message "Got NOTIFY of type NO_PROPOSAL_CHOSEN or drop message from A.B.C.D due to notification type NO_PROPOSAL_CHOSEN" is displayed. What does this indicate?
- Q. How do I validate modified IPSec or IKE configurations?
- Q: Is the IPSec tunnel the same as the SA?
- Q: What are guidelines for ACL used in IPSec?
- Q: Can AH and ESP be used at the same time?
- Q: Can ESP perform only packet encryption but not authentication?
- Q: Can transport mode be used when the communication port and IPSec tunnel port are different?
- Q: What are the constraints on configuring encryption and authentication shared keys manually?
- Q: Can an SA that is set up using an IPSec policy template initiate an SA negotiation?
- Q: Why do I not need to specify the local IP address in the IPSec tunnel?
- 2.9 Diagnostic tools
- Contents
- Figures
- Tables
- 3
- 4
- NAT troubleshooting
- About This Chapter
- 4.1 NAT
- 4.2 Troubleshooting NAT Troubleshooting
- 4.3 Troubleshooting cases
- 4.4 FAQs
- 4.5 Diagnostic tools
- 4.5.1 Display commands
- display firewall session aging-time
- display firewall servermap
- display firewall session statistic
- display firewall session table
- display nat address-group
- display nat alg
- display nat car-class
- display nat car-bt
- display nat connection-class
- display nat flow-control
- display nat inside-ip
- display nat outbound
- display nat server
- display nat all
- 4.5.2 Debugging commands
- 4.5.1 Display commands
- Contents
- Index
- NAT troubleshooting