CheckPoint shows basic VPN information in SmartDashboard VPN section.
but sometimes there is not enough information on certain problems (like id mismatch).
There is a way to obtain more detailed logs (sort of Cisco’s “debug crypto ipsec” command).
To turn on VPN debug log enter the following command:
[code] vpn debug trunc; vpn debug ikeon[/code]
This will enable log output to $FWDIR/log/ike.elg
To read the file output in a more convenient way, download Checkpoint’s *IKEView.exe* utility (Windows only):
http://pingtool.org/downloads/IKEView.exe
Don’t forget to stop the debug with command:
[code] vpn debug off; vpn debug ikeoff [/code]
Source: sk33327
