7

Going through a JSEC book, I noticed the following slide, which explains that there are 6 IKE phase 1 messages that take place for a tunnel to establish.

ike messages

I am looking in the kmd log and traceoptions data, but I do not see any information relating to the pictured IKE messages in those logs. Perhaps I am looking at it wrong? If my SRX is hanging up on one of those messages, where would I look to determine that?

tunnelsup

1 Answer

7

Juniper KB explaining how to locate / interpret information in the kmd log: How do I Find the VPN Entry in the Kmd Log on a J-Series or SRX-Series device?

Although, for releases prior to 12, the kmd log issues below are also relevant for the higher-end firewalls: [SRX High End] request security ike debug-enable does not print any useful kmd debug output

It's quite key which SRX and what software version you're using, really.

For reference only really, I use this method to troubleshoot a single VPN tunnel without having to actually make any changes / commits:

user@srx> request security ike debug-enable local <local-ip> remote <remote-ip> level <level>

user@srx> show log /var/log/kmd

user@srx> request security ike debug-disable

Explained in detail here: KB [SRX] How can I enable IKE traceoptions for only specific security associations

DrBru