Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-1906: How to turn debugging on for DirectSecure/Racoon ?

DirectSecure ,  

12 April,16 at 11:02 AM

Applies to: All versions of DirectSecure


How to turn debugging on for DirectSecure/Racoon?


The adsec command enables you to get information about, as well as manage the IPsec configuration on a UNIX computer.

The basic syntax for adsec is:

adsec [--certs] [--debug [on | off]] [--disable] [--enable] [--flush [sa | sp | all]] [--ikeinfo] [--info] [--policy] [--reload] [--reset] [--sainfo] [--spinfo] [--status] [--support] [--version]

To run a debug,

As root, running "/usr/sbin/adsec --debug on or /usr/sbin/adsec -g" will turn on DirectSecure debug. Debugging information is sent to the /var/log/centrify-racoon.log file.
Turning on debugging with this parameter, sets racoon debugging to verbose and updates the /etc/sysconfig/centrify-racoon configuration file with changes to RACOON_OPTS.

Note: Sometimes, the
/var/log/centrify-racoon.log file can be empty. Neither re-starting racoon or generating traffic will help. When you turn on debugging, adsec debug makes changes to /etc/rsyslog.conf ( if it exists ) instead of /etc/syslog.conf

If rsyslogd is running, the debug messages gets written into /var/log/messages otherwise none gets written into /var/log/centrify-racoon log.


1) Turn off debug:
# /usr/sbin/adsec --debug off

2) Rename /etc/rsyslog.conf: # mv /etc/rsyslog.conf /etc/rsyslog.conf.bak

3) Turn on debug again:  #
/usr/sbin/adsec --debug on

Now you should see logs growing in