Hello,
This is my first post regarding troubleshooting Fortigate devices.
To troubleshoot the Fortigate VPN configuration we will use the following commands:
#diag debug enable
#diag debug console timestamp en #this command shows the time-stamp
#diag debug app ike -1 Â <- used for v4.0MR1
#diag vpn ike log-filter dst-addr4 <-used from v4.0MR2 to the latest version
#diag debug app ike -1<IP_PEER> <- is the ip of the remote peer.
To disable the VPN logging we can use:
#diag debug disable
#diag debug console timestamp dis
#diag debug app ike 0
The following commands show the active VPN tunnels:
#diag vpn tunnel list
#diag vpn gw list