Command 'show vpn debug peer <peer_name>' does not work correctly.
vyos@vyos:~$ show vpn debug peer PEER2 Peer not found, aborting
vyos@vyos:~$ show vpn ipsec connections Connection State Type Remote address Local TS Remote TS Local id Remote id Proposal -------------- ------- ------ ---------------- -------------- -------------- ---------- ----------- ---------------------------------- PEER2 up IKEv1 10.0.2.2 - - 10.0.1.2 10.0.2.2 AES_CBC/256/HMAC_SHA1_96/MODP_2048 PEER2-tunnel-0 up IPsec 10.0.2.2 192.168.0.0/24 192.168.1.0/24 10.0.1.2 10.0.2.2 AES_CBC/256/HMAC_SHA1_96/MODP_2048
vyos@vyos:~$ show vpn debug
PEER2: IKEv1, reauthentication every 28800s, dpd delay 10s
local: 10.0.1.2
remote: 10.0.2.2
local pre-shared key authentication:
id: 10.0.1.2
remote pre-shared key authentication:
id: 10.0.2.2
PEER2-tunnel-0: TUNNEL, rekeying every 3272s, dpd action is start
local: 192.168.0.0/24
remote: 192.168.1.0/24
PEER2: #3, ESTABLISHED, IKEv1, 74c8564ebf45a6b6_i* 576ecda3f4b5f8cf_r
local '10.0.1.2' @ 10.0.1.2[500]
remote '10.0.2.2' @ 10.0.2.2[500]
AES_CBC-256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
established 1055s ago, rekeying in 25396s
PEER2-tunnel-0: #3, reqid 1, INSTALLED, TUNNEL, ESP:AES_CBC-256/HMAC_SHA1_96/MODP_2048
installed 1055s ago, rekeying in 1974s, expires in 2545s
in cc4d1e02, 0 bytes, 0 packets
out cc687a3a, 0 bytes, 0 packets
local 192.168.0.0/24
remote 192.168.1.0/24
src 10.0.1.2 dst 10.0.2.2
proto esp spi 0xcc687a3a reqid 1 mode tunnel
replay-window 0 flag af-unspec
auth-trunc hmac(sha1) 0x6a9d99b15dbebda1a662095535b983446b683db6 96
enc cbc(aes) 0xfed5861a7037d5b5e6ba105b6764b50154cddcbef143d18f439883a0a02ea6e8
anti-replay context: seq 0x0, oseq 0x0, bitmap 0x00000000
src 10.0.2.2 dst 10.0.1.2
proto esp spi 0xcc4d1e02 reqid 1 mode tunnel
replay-window 32 flag af-unspec
auth-trunc hmac(sha1) 0xaf7592e83788ed687a07edf1906eb58a30cc43c4 96
enc cbc(aes) 0x7f4e095af2963c893ee3d85b327baab84b8a0c341c03f6479b58d55352a5747b
anti-replay context: seq 0x0, oseq 0x0, bitmap 0x00000000
src 192.168.0.0/24 dst 192.168.1.0/24
dir out priority 375423 ptype main
tmpl src 10.0.1.2 dst 10.0.2.2
proto esp spi 0xcc687a3a reqid 1 mode tunnel
src 192.168.1.0/24 dst 192.168.0.0/24
dir fwd priority 375423 ptype main
tmpl src 10.0.2.2 dst 10.0.1.2
proto esp reqid 1 mode tunnel
src 192.168.1.0/24 dst 192.168.0.0/24
dir in priority 375423 ptype main
tmpl src 10.0.2.2 dst 10.0.1.2
proto esp reqid 1 mode tunnel
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
socket in priority 0 ptype main
src 0.0.0.0/0 dst 0.0.0.0/0
socket out priority 0 ptype main
src ::/0 dst ::/0
socket in priority 0 ptype main
src ::/0 dst ::/0
socket out priority 0 ptype main
src ::/0 dst ::/0
socket in priority 0 ptype main
src ::/0 dst ::/0
socket out priority 0 ptype main
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 fe80::200:ff:fe00:0/64 scope link
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 0c:1f:98:55:00:00 brd ff:ff:ff:ff:ff:ff
altname enp0s4
altname ens4
inet 10.0.1.2/30 brd 10.0.1.3 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::e1f:98ff:fe55:0/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether 0c:1f:98:55:00:01 brd ff:ff:ff:ff:ff:ff
altname enp0s5
altname ens5
inet6 fe80::e1f:98ff:fe55:1/64 scope link tentative
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 0c:1f:98:55:00:02 brd ff:ff:ff:ff:ff:ff
altname enp0s6
altname ens6
inet 192.168.139.41/24 brd 192.168.139.255 scope global eth2
valid_lft forever preferred_lft forever
inet6 fe80::e1f:98ff:fe55:2/64 scope link
valid_lft forever preferred_lft forever
5: eth3: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
link/ether 0c:1f:98:55:00:03 brd ff:ff:ff:ff:ff:ff
altname enp0s7
altname ens7
inet6 fe80::e1f:98ff:fe55:3/64 scope link tentative
valid_lft forever preferred_lft forever
6: pim6reg@NONE: <NOARP,UP,LOWER_UP> mtu 1452 qdisc noqueue state UNKNOWN group default qlen 1000
link/pimreg
7: dum0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 22:fd:cb:fc:b1:74 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/32 scope global dum0
valid_lft forever preferred_lft forever
inet6 fe80::20fd:cbff:fefc:b174/64 scope link
valid_lft forever preferred_lft forever
0: from all lookup local
220: from all lookup 220
32766: from all lookup main
32767: from all lookup default
default nhid 16 via 10.0.1.1 dev eth0 proto static metric 20
10.0.1.0/30 dev eth0 proto kernel scope link src 10.0.1.2
192.168.139.0/24 dev eth2 proto kernel scope link src 192.168.139.41
192.168.1.0/24 via 10.0.1.1 dev eth0 proto static src 192.168.0.1
### ipsec statusall ###
### swanctl -L ###
### swanctl -l ###
### swanctl -P ###
### ip x sa show ###
### ip x policy show ###
### ip tunnel show ###
### ip address ###
### ip rule show ###
### ip route | head -100 ###
### ip route show table 220 ###