Troubleshoot VPN with the VPN job logs

Describes the various job logs that VPN uses.

When you encounter problems with your VPN connections, it is always advisable to analyze the job logs. In fact, there are several job logs that contain error messages and other information related to a VPN environment.

It is important that you analyze job logs on both sides of the connection if both sides are iSeries™ systems. When a dynamic connection fails to start, it is helpful if you understand what is happening on the remote system.

The VPN jobs, QTOVMAN and QTOKVPNIKE, run in the subsystem QSYSWRK. You can view their respective job logs from iSeries Navigator.

This section introduces the most important jobs for a VPN environment. The following list shows the job names with a brief explanation of what the job is used for:

QTCPIP

This job is the base job that starts all the TCP/IP interfaces. If you have fundamental problems with TCP/IP in general, analyze the QTCPIP job log.

QTOKVPNIKE

The QTOKVPNIKE job is the VPN key manager job. The VPN key manager listens to UDP port 500 to perform the Internet Key Exchange (IKE) protocol processing.

QTOVMAN

This job is the connection manager for VPN connections. The related job log contains messages for every connection attempt that fails.

QTPPANSxxx

This job is used for PPP dial-up connections. It answers to connection attempts where *ANS is defined in a PPP profile.

QTPPPCTL

This is a PPP job for dial-out connections.

QTPPPL2TP

This is the Layer Two Tunneling Protocol (L2TP) manager job. If you have problems setting up an L2TP tunnel, look for messages in this job log.

• Common VPN Connection Manager error messages
  Describes of some of the more common VPN Connection Manager error messages you may encounter.