8.4.5. VPN Gateway Logs
Within the VPN Gateway node we can find a large number of logs that can help us understand or detect errors that may arise during system operation.
In case the desired modules are not being achieved, we can activate/deactivate the logs in the VPN Gateway configuration portal “Configuration -> General -> Logs”:
The main logs to take into account in the VPN Gateway node are:
8.4.5.1. WireGuard Logs
This log contains information related to each of the WireGuard type VPNs created in the VPN Gateway node. Each VPN will have its own log.
Path:
/var/log/viapps/wireguard/<VPN_Name>.log
Example:
Oct 25 23:13:28 fw02lab.viapps.org api: Agent user disconnected from Opennac (VPN IP: 172.16.120.109; Username: user5; Dynamic Zone: vpnusr; Persistent: false)
Oct 25 23:14:54 fw02lab.viapps.org api: Agent user connected (VPN IP: 172.16.120.110; Username: user5; Dynamic Zone: vpnusr; Persistent: false)
Oct 25 23:15:11 fw02lab.viapps.org api: Agent user disconnected from Opennac (VPN IP: 172.16.120.110; Username: user5; Dynamic Zone: vpnusr; Persistent: false)
Oct 25 23:15:22 fw02lab.viapps.org api: Agent user connected (VPN IP: 172.16.120.111; Username: user5; Dynamic Zone: vpnusr; Persistent: false)
Oct 25 23:15:33 fw02lab.viapps.org api: Agent user disconnected from Opennac (VPN IP: 172.16.120.111; Username: user5; Dynamic Zone: vpnusr; Persistent: false)
8.4.5.2. OpenVPN Logs
This log contains information related to each of the OpenVPN type VPNs created in the VPN Gateway node. Each VPN will have its own log.
Path:
/var/log/viapps/openvpn/<VPN_Name>.log
Example:
Wed May 6 12:02:14 2020 library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Wed May 6 12:02:14 2020 RADIUS-PLUGIN: Configfile name: /etc/openvpn/radiusplugin-RWVPN.cnf.
Wed May 6 12:02:14 2020 TUN/TAP device tunocf22 opened
Wed May 6 12:02:14 2020 /sbin/ip link set dev tunocf22 up mtu 1500
Wed May 6 12:02:14 2020 /sbin/ip addr add dev tunocf22 172.16.100.1/24 broadcast 172.16.100.255
Wed May 6 12:02:14 2020 Could not determine IPv4/IPv6 protocol. Using AF_INET
Wed May 6 12:02:14 2020 UDPv4 link local (bound): [AF_INET]10.21.3.21:21194
Wed May 6 12:02:14 2020 UDPv4 link remote: [AF_UNSPEC]
8.4.5.3. messages.log
This log contains global system messages such as the system error messages, system startups and shutdowns, change in the network configuration, etc.
Path:
/var/log/messages
Example:
Mar 8 06:26:01 LAB0oncore auditd[1432]: Audit daemon rotating log files
Mar 8 06:40:09 LAB0oncore named[1531]: managed-keys-zone ./IN/registry: Failed to create fetch for DNSKEY update
8.4.5.4. firewall.log
This log contains information related to the firewall rules matched.
Path:
/var/log/firewall.log
Example:
534 DF PROTO=TCP SPT=36196 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Oct 9 19:27:46 fwqa001 kernel: FW: fw-FWCorp ACCEPT IN= OUT=eth0 SRC=10.250.102.104 DST=10.10.36.43 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=6611 DF PROTO=TCP SPT=36198 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Oct 9 19:27:46 fwqa001 kernel: FW: fw-FWCorp ACCEPT IN= OUT=eth0 SRC=10.250.102.104 DST=10.10.36.43 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=58176 DF PROTO=TCP SPT=36200 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Oct 9 19:27:47 fwqa001 kernel: FW: fw-FWCorp ACCEPT IN= OUT=eth0 SRC=10.250.102.104 DST=10.250.102.103 LEN=943 TOS=0x00 PREC=0x00 TTL=128 ID=42218 DF PROTO=UDP SPT=58809 DPT=2003 LEN=923
Oct 9 19:27:47 fwqa001 kernel: FW: fw-FWCorp ACCEPT IN= OUT=eth0 SRC=10.250.102.104 DST=10.250.102.103 LEN=910 TOS=0x00 PREC=0x00 TTL=128 ID=42219 DF PROTO=UDP SPT=58809 DPT=2003 LEN=890
8.4.5.5. yum.log
This log contains information related to the update process.
Path:
/var/log/yum.log
May 26 16:31:35 Updated: 1:java-1.8.0-openjdk-devel-1.8.0.332.b09-1.el7_9.x86_64
May 26 16:31:36 Updated: 32:bind-export-libs-9.11.4-26.P2.el7_9.9.x86_64
May 26 16:31:36 Updated: gtk-update-icon-cache-3.22.30-8.el7_9.x86_64
May 26 16:31:36 Updated: python-perf-3.10.0-1160.66.1.el7.x86_64
May 26 16:31:36 Updated: 14:libpcap-1.5.3-13.el7_9.x86_64
May 26 16:31:37 Updated: gzip-1.5-11.el7_9.x86_64
May 26 16:31:43 Installed: kernel-3.10.0-1160.66.1.el7.x86_64
May 30 12:56:00 Installed: cmix-fw_openvpn_radiusplugin_opennac-1.6.0-23.7267.SVN.el7.x86_64
8.4.5.6. cmix-api.log
This log contains information related to the API calls on the VPN Gateway node.
Path:
/var/log/viapps/cmix-api.log
Request: Array
(
[method] => DELETE
[uri] => /fw/wireguard-peer?id=172.16.120.7&fromOpennac=true
[params] => Array
(
[module] => fw
[controller] => fw-wireguard-peer
[id] => 172.16.120.7
[fromOpennac] => true
)
)
8.4.5.7. cmix-audit.log
This log contains information regarding changes that have been made to the VPN Gateway node. As for example the creation of hosts, VPN, configuration, etc.
Path:
/var/log/viapps/cmix-api.log
2022-10-17 13:08:11 INFO (6): User 'admin' insert FwHost={"zone":"vpnrw","name":"eth0:dynamic","options":"","enabled":true,"comments":"","id":"896dac7f0d2bf0f0fff8f398024ce94b"}
2022-10-17 13:08:22 INFO (6): User 'admin' delete FwHost="896dac7f0d2bf0f0fff8f398024ce94b"
8.4.5.8. cmix-cluster-commands.log
If clusterized, this log contains information about the commands that are executed internally on the node when performing certain actions.
Path:
/var/log/viapps/cmix-cluster-commands.log
2022-10-17 13:08:11 INFO (6): {"module":"Fw","entity":"FwHost","method":"insert","item":{"zone":"vpnrw","name":"eth0:dynamic","options":"","enabled":true,"comments":"","id":"896dac7f0d2bf0f0fff8f398024ce94b"}}
2022-10-17 13:08:22 INFO (6): {"module":"Fw","entity":"FwHost","method":"delete","item":"896dac7f0d2bf0f0fff8f398024ce94b"}
8.4.5.9. cmix-commands.log
This log contains information about the commands that are executed internally on the node when performing certain actions.
Path:
/var/log/viapps/cmix-commands.log
2022-10-17 13:08:11 INFO (6): {"module":"Fw","entity":"FwHost","method":"insert","item":{"zone":"vpnrw","name":"eth0:dynamic","options":"","enabled":true,"comments":"","id":"896dac7f0d2bf0f0fff8f398024ce94b"}}
2022-10-17 13:08:22 INFO (6): {"module":"Fw","entity":"FwHost","method":"delete","item":"896dac7f0d2bf0f0fff8f398024ce94b"}
8.4.5.10. cmix-healthcheck-realservers.log
In this log, we can find a record about the healtchecks that are sent to the infrastructure servers. To be able to see errors in this area.
Path:
/var/log/viapps/cmix-healthcheck-realservers.log
8.4.5.11. cmix-scripts.log
This log contains information related to the execution of scripts on the VPN Gateway node.
Path:
/var/log/viapps/cmix-scripts.log
[wg_purge_peers][Mon Oct 10 13:56:02 CEST 2022] (Username: user5; Dynamic Zone: vpnusr; Agent; Dynamic) 172.16.120.249 deleted for not being connected
[wg_purge_peers][Mon Oct 10 16:57:02 CEST 2022] (Username: user5; Dynamic Zone: vpnusr; Agent; Dynamic) 172.16.120.250 deleted for not being connected
[wg_purge_peers][Mon Oct 10 17:50:02 CEST 2022] (Username: user5; Dynamic Zone: vpnusr; Agent; Dynamic) 172.16.120.253 deleted for not being connected
[wg_purge_peers][Mon Oct 10 17:58:30 CEST 2022] (Username: user5; Dynamic Zone: vpnusr; Agent; Dynamic) 172.16.120.4 deleted for not being connected
[wg_purge_peers][Mon Oct 10 18:06:02 CEST 2022] (Username: user5; Dynamic Zone: vpnusr; Agent; Dynamic) 172.16.120.7 deleted for not being connected
8.4.5.12. cmix-web
This log contain information about the errors that occur at the web level in the VPN Gateway module.
Path:
/var/log/viapps/cmix-web
8.4.5.13. cmix-webmin.log
This log contain information about web administration through the VPN Gateway node and its web console.
Path:
/var/log/viapps/cmix-webmin.log
2022-10-17 13:14:39 INFO (6): xmlrpc call elapsed time: 0.51827907562256 seconds
2022-10-17 13:14:39 INFO (6): xmlrpc call elapsed time: 0.27977585792542 seconds
2022-10-17 13:14:39 INFO (6): xmlrpc response: array (
0 =>
Application_Model_NetGeneral::__set_state(array(
'hostname' => 'fwqa001',
'primaryDns' => '8.8.8.8',
'secondaryDns' => '1.1.1.1',
'tertiaryDns' => '',
'domain' => 'srvdev.local',
'relayHost' => '',
'defaultGateway' => '',
'id' => NULL,
)),
)