You can use the diagnose debug flow commands to do a policy simulation. An example of the output:
fw01 (root) # diagnose debug enable
fw01 (root) # diagnose debug flow show console enable
show trace messages on consolefw01 (root) # diagnose debug flow filter addr 10.10.1.25
fw01 (root) # diagnose debug flow trace start 5
You can stop the trace with the following commands:
fw01 (root) # diagnose debug flow trace stop
fw01 (root) # diagnose debug flow show console disable
do not show trace messages on consolefw01 (root) # diagnose debug disable
To get more logging from SecurEnvoy SecurAccess on a Windows server you have to add the following line to the file local.ini.
Debug_admin=True
A log file will be created with detailed logging. The log file is created under C:\Debug\admin.txt.