NSX – Troubleshoot VPN service issues

SSL VPN-Plus Service

You can run some troubleshooting commands from the command line of the Edge Services Gateway (ESG) that is hosting the SSL VPN-Plus service. SSH or open the console of the ESG.

The full command list available:

To check the SSL VPN service status:

To check SSL VPN statistics:

To check if SSL VPN clients are connected (I don’t actually have anything connected):

To check SSL VPN sessions:

To see the full SSL VPN config via the CLI type (partial output as I am using the VMs console) show config ssl-vpn:

To look at the log files of the NSX SSL VPN-Plus service you must have syslog configured on the Edge hosting the SSL VPN service.

Make sure you enable logging for the SSL-VPN service if you are troubleshooting.

IPSec VPN Service

Very similar set of commands for IPsec:

The full command list available: show service ipsec ?

To check the IPSec VPN service status:

To see the full IPSec config via the CLI type: show config ipsec

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.