
VPN IPsec log level does not work
In progress, Normal, Public, BUG

Description

VPN IPsec log level does not work

set vpn ipsec authentication psk PSK id '192.0.2.1'
set vpn ipsec authentication psk PSK id '192.0.2.2'
set vpn ipsec authentication psk PSK secret '1234567890'
set vpn ipsec esp-group ESP-group lifetime '3600'
set vpn ipsec esp-group ESP-group mode 'tunnel'
set vpn ipsec esp-group ESP-group pfs 'enable'
set vpn ipsec esp-group ESP-group proposal 1 encryption 'aes256'
set vpn ipsec esp-group ESP-group proposal 1 hash 'sha1'
set vpn ipsec ike-group IKE-group key-exchange 'ikev2'
set vpn ipsec ike-group IKE-group lifetime '28800'
set vpn ipsec ike-group IKE-group proposal 1 encryption 'aes256'
set vpn ipsec ike-group IKE-group proposal 1 hash 'sha1'
set vpn ipsec interface 'eth1'
set vpn ipsec log level '2'
set vpn ipsec site-to-site peer OFFICE-B authentication local-id '192.0.2.1'
set vpn ipsec site-to-site peer OFFICE-B authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer OFFICE-B authentication remote-id '192.0.2.2'
set vpn ipsec site-to-site peer OFFICE-B connection-type 'initiate'
set vpn ipsec site-to-site peer OFFICE-B ike-group 'IKE-group'
set vpn ipsec site-to-site peer OFFICE-B local-address '192.0.2.1'
set vpn ipsec site-to-site peer OFFICE-B remote-address '192.0.2.2'
set vpn ipsec site-to-site peer OFFICE-B tunnel 0 esp-group 'ESP-group'
set vpn ipsec site-to-site peer OFFICE-B tunnel 0 local prefix '100.64.1.0/24'
set vpn ipsec site-to-site peer OFFICE-B tunnel 0 remote prefix '100.64.2.0/24'

Expected 2 for the charon.syslog.daemon.default option in the file /etc/strongswan.d/charon-logging.conf

But this option does not work.

vyos@r14# cat /etc/strongswan.d/charon-logging.conf 

charon {
    syslog {
        # prefix for each log message
        identifier = charon
        # use default settings to log to the LOG_DAEMON facility
        daemon {
            default = 1
            ike_name = yes
        }
    }
}

I do not see that we parse and use the log.level option anywhere in the templates https://github.com/vyos/vyos-1x/tree/current/data/templates/ipsec

Details

Version: VyOS 2025.03.27-0018-rolling, 1.4.1
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)
Story points: 5
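
A check for the mismatch reported above, as an added example (not from the ticket or from vyos-1x): it reads the `log level` value from the set commands and compares it with `charon.syslog.daemon.default` in the rendered file. The function names and the minimal strongswan.conf-style parser are assumptions for illustration; the two inputs are abridged from the report.

```python
import re

# Inputs abridged from the report above: the relevant set command and the rendered file.
SET_COMMANDS = "set vpn ipsec interface 'eth1'\nset vpn ipsec log level '2'\n"
RENDERED = """\
charon {
    syslog {
        # prefix for each log message
        identifier = charon
        daemon {
            default = 1
            ike_name = yes
        }
    }
}
"""

def configured_log_level(set_commands):
    """Return the value of 'set vpn ipsec log level', or None if unset."""
    m = re.search(r"^set vpn ipsec log level '?(-?\d+)'?\s*$", set_commands, re.M)
    return m.group(1) if m else None

def parse_strongswan_conf(text):
    """Flatten 'section { key = value }' blocks into {'a.b.key': 'value'}."""
    path, settings = [], {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and indentation
        if not line:
            continue
        if line.endswith("{"):
            path.append(line[:-1].strip())   # enter a section
        elif line == "}" and path:
            path.pop()                       # leave the current section
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            settings[".".join(path + [key])] = value
    return settings

def check_log_level(set_commands, rendered_conf):
    """Compare the CLI log level with charon.syslog.daemon.default."""
    wanted = configured_log_level(set_commands)
    actual = parse_strongswan_conf(rendered_conf).get("charon.syslog.daemon.default")
    return wanted, actual, wanted is not None and wanted == actual

if __name__ == "__main__":
    wanted, actual, ok = check_log_level(SET_COMMANDS, RENDERED)
    print(f"configured={wanted} rendered={actual} -> {'OK' if ok else 'MISMATCH'}")
```

Run against the output of `show configuration commands` and the rendered file after a commit, this makes a suitable regression check for the fix.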

Event Timeline

Viacheslav triaged this task as Normal priority.
Viacheslav changed the task status from Open to In progress. Tue, Apr 1, 11:17 AM
Viacheslav claimed this task.