VPN debugging in Windows
The Windows IPSec VPN client is able to write a log. However this capability has to be enabled in the registry first. Nevertheless
this log provides valuable information when troubleshooting connection failures. Tracking down a client related problem without
this log might be difficult.
Please proceed as follows to enable IPSec logging in Windows:
- Launch the program regedit
- Change into directory "\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent"
- Select the menu item "Edit -> New -> Key"
- The name of the key must be "Oakley"
- Select the entry you just added and choose "Edit -> New -> DWORD"
- The DWORD must be called "EnableLogging"
- Doubleclick to open the entry and set it to "1"
- Close regedit
- Now restart the policy agent either in the services menu or by issuing the commands:
net stop policyagent
net start policyagent
Windows will now log IPSec related information in the file "oakley.log". You can find this file in the debug folder or the
Windows directory (%SystemRoot%\debug\).