Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Logging of ESP packets required?

Reply
Thread Tools

Logging of ESP packets required?

 
 
dan
Guest
Posts: n/a
 
      05-20-2005
Hi,

I set up my VPN on a Cisco router 1711 running IOS 12.2(15)ZL1.
Everything works fine but I need to log incoming ESP packets from the
client, otherwise the router does not respond to those packets.

permit esp any host 2.2.2.2 NO RESPONSE
permit esp any host 2.2.2.2 log WORKS

I wonder why "log" is required. Thanks for any hints.

 
Reply With Quote
 
 
 
 
anybody43@hotmail.com
Guest
Posts: n/a
 
      05-20-2005
The LOG keyword may be forcing some packets
to be process switched that would otherwise be fast switched
using your preferred fast switching poison.

You can force process switching with
no ip route-cache
on the interfaces.
You could try this instead of log.


If that "works" call Cisco 'cos its a bug.



What _Exactly_ is 12.2(15)ZL1 ????????

If it supports your requirements move to
a "mainline" release.
i.e. 12.x(y) with NO successive letters.

OR failing that:-
the "T" train.

12.x(y)T

Read about the IOS release process and look at the
IOS roadmap.

http://www.cisco.com/warp/customer/6..._2_15_zl.shtml

Sorry if you are not a "customer".

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to open inbound ESP protocol on a PIX 515 Corbin O'Reilly Cisco 6 04-28-2005 09:01 PM
Support ESP Header in IPv6 Kamil Olszewski Cisco 1 04-09-2005 03:51 PM
ESP problem with MS RRAS to Cisco 3000 VPN passing through PIX 515E Firewall. Sean McGrath Cisco 0 12-29-2003 03:23 PM
fixup protocol esp-ike Michael Cisco 1 11-29-2003 04:16 AM
"access-list logging rate-limited or missed <X> packets" John Caruso Cisco 5 10-29-2003 08:24 AM



Advertisments