Strongswan allows us to use charon.syslog.<facility>.ike_name which can help more faster find peer info for troubleshooting.
When we change /etc/strongswan.d/charon-logging.conf and add ike_name = yes
charon { syslog { # prefix for each log message identifier = charon # use default settings to log to the LOG_DAEMON facility daemon { default = 1 ike_name = yes } } }
This adds the possibility grepping/matching peers what we need.
vyos@vyos# run show log vpn ipsec | match 100.64.0.1 Jun 19 14:03:54 vyos charon: 12[IKE] <peer-100.64.0.1-tunnel-0|1> initiating Main Mode IKE_SA peer-100.64.0.1-tunnel-0[1] to 100.64.0.1 Jun 19 14:03:54 vyos charon: 12[ENC] <peer-100.64.0.1-tunnel-0|1> generating ID_PROT request 0 [ SA V V V V V ] Jun 19 14:03:54 vyos charon: 12[NET] <peer-100.64.0.1-tunnel-0|1> sending packet: from 100.64.0.2[500] to 100.64.0.1[500] (180 bytes) Jun 19 14:03:54 vyos charon: 07[NET] <peer-100.64.0.1-tunnel-0|1> received packet: from 100.64.0.1[500] to 100.64.0.2[500] (56 bytes) Jun 19 14:03:54 vyos charon: 07[ENC] <peer-100.64.0.1-tunnel-0|1> parsed INFORMATIONAL_V1 request 3793066263 [ N(NO_PROP) ] Jun 19 14:03:54 vyos charon: 07[IKE] <peer-100.64.0.1-tunnel-0|1> received NO_PROPOSAL_CHOSEN error notify