Module "VPN" (Site-to-Site VPN and Remote Access VPN)

Syntax

Flag

Description

cluster

Events related to cluster (two or more Security Gateways that work together in a redundant configuration: High Availability or Load Sharing)

comp

Compression for encrypted connections

counters

Various status counters (typically for real-time Monitoring)

cphwd

Traffic acceleration issues (in hardware)

driver

Check Point kernel attachment (access to kernel is shown as log entries)

err

Errors that should not happen, or errors that are critical to the working of the VPN module

gtp

Processing of GPRS Tunneling Protocol (GTP) connections

Note - In addition, see Module "gtp" (GPRS Tunneling Protocol)

ifnotify

Notifications about the changes in interface status - up or down (as received from OS)

ike

Enables all IKE kernel debug related to moving the IKE packet to the interface from which it will eventually leave, and to modifying the source IP address of the IKE packet, depending on the configuration

ike_trace

Processing of IKE Security Associations

iked

Processing of IKE packets in the IKED daemon

iked_trap

Processing of IKE packets in the IKED daemon

init

Initializes the VPN kernel and kernel data structures when the kernel is up or when policy is installed (in addition, it prints the values of the flags that are set using the CPSET upon policy reload)

l2tp

Processing of L2TP connections

lsv

Large Scale VPN (LSV)

mem

Allocation of VPN pools and VPN contexts

mspi

Information related to creation and destruction of MSA / MSPI

multicast

VPN multicast

multik

Information related to interaction between VPN and CoreXL (performance-enhancing technology for Security Gateways on multi-core processing platforms; multiple Check Point Firewall instances run in parallel on multiple CPU cores)

Notes:

nat

NAT issues, cluster IP manipulation (Cluster Virtual IP address <=> Member IP address)

om_alloc

Allocation of Office Mode IP addresses

osu

Cluster Optimal Service Upgrade (see sk107042)

packet

Events that can happen for every packet, unless covered by more specific debug flags

pcktdmp

Prints the encrypted packets before the encryption

Prints the decrypted packets after the decryption

policy

Events that can happen only for a special packet in a connection, usually related to policy decisions or logs / traps

queue

Handling of Security Association (SA) queues

rdp

Processing of Check Point RDP connections

ref

Reference counting for MSA / MSPI, when storing or deleting Security Associations (SAs)

resolver

VPN Link Selection table and Certificate Revocation List (CRL), which is part of the peer resolving mechanism

route

Packet routing

rsl

Operations on Range Skip List

sas

Information about keys and Security Associations (SAs)

sr

SecureClient / SecureRemote related issues

tagging

Sets the VPN policy of a connection according to VPN communities, VPN Policy related information

tcpt

Information related to TCP Tunnel (Visitor mode - FireWall traversal on TCP port 443)

tnlmon

VPN tunnel monitoring

topology

VPN Link Selection

vin

Does not apply anymore

Only on a Security Gateway that runs on Windows OS:

Information related to IPSec NIC interaction

warn

General warnings