ipsec vpn logging

Discussion in 'Cisco' started by mmark751969, Apr 22, 2009.

  1. mmark751969

    mmark751969 Guest

    I've established a number of IPsec VPNs from our 1811 to a number of
    remote sites. This is for the purposes of internal node monitoring at
    those sites. Sometimes the actual VPNs go down though (kicking off a
    number of alerts). I'm wanting a way of knowing when those VPNs go
    down so we know if it's the VPNs or the actual remote nodes. Would
    installing a syslog server for the 1811 be sufficient or is there a
    more preferred way?
     
    mmark751969, Apr 22, 2009
    #1

  2. mmark751969

    alexd Guest

    mmark751969 wrote:

    > I've established a number of IPsec VPNs from our 1811 to a number of
    > remote sites. This is for the purposes of internal node monitoring at
    > those sites. Sometimes the actual VPNs go down though (kicking off a
    > number of alerts). I'm wanting a way of knowing when those VPNs go
    > down so we know if it's the VPNs or the actual remote nodes. Would
    > installing a syslog server for the 1811 be sufficient or is there a
    > more preferred way?


    If you speak SNMP, walk the CISCO-IPSEC-FLOW-MONITOR-MIB::cipSecTunnelTable
    to find the index of the tunnel(s) you're interested in, and monitor
    cipSecTunStatus.n, where 'n' is the index of the tunnel. There's probably a
    way to SNMP trap it as well, i.e. get the router to tell you when the status
    of a tunnel changes.

    Alternatively you might be able to monitor the private-side IP of each
    remote router with ping. If that disappears then you know that the tunnel
    is off.

    Yet another alternative is to have the remote routers do the monitoring for
    you with SLAs, and poll the results with SNMP.

    --
    <http://ale.cx/> (AIM:troffasky)
    16:10:11 up 138 days, 17:21, 3 users, load average: 0.19, 0.10, 0.05
    My god, said I, with my one liquid eye, am I dreaming, or am I insane?
     
    alexd, Apr 22, 2009
    #2
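
The SNMP approach from the reply above, as an added example that is not part of the original posts: it parses `snmpwalk` text output for `cipSecTunStatus` and reports which sites have no active tunnel. Assumptions: the `cipSecTunRemoteAddr` column of the same table is used to match tunnels by peer address (a missing row is treated as down, on the assumption that a torn-down tunnel's row can disappear and its index can change on re-establishment), and the sample output, addresses and site names are constructed.

```python
import ipaddress
import re

# Constructed sample of `snmpwalk` text output for two columns of
# cipSecTunnelTable (not captured from a real router).
SAMPLE_WALK = """\
CISCO-IPSEC-FLOW-MONITOR-MIB::cipSecTunRemoteAddr.7 = Hex-STRING: C6 33 64 0A
CISCO-IPSEC-FLOW-MONITOR-MIB::cipSecTunRemoteAddr.9 = Hex-STRING: CB 00 71 14
CISCO-IPSEC-FLOW-MONITOR-MIB::cipSecTunStatus.7 = INTEGER: active(1)
CISCO-IPSEC-FLOW-MONITOR-MIB::cipSecTunStatus.9 = INTEGER: destroy(2)
"""

# Constructed inventory (hypothetical): remote peer address -> site name.
EXPECTED_PEERS = {
    "198.51.100.10": "site-a",
    "203.0.113.20": "site-b",
    "192.0.2.30": "site-c",
}

LINE = re.compile(r"::(cipSecTun\w+)\.(\d+) = ([\w-]+): (.*)$")

def parse_walk(text):
    """Return {tunnel index: {"peer": str, "status": int}} from snmpwalk text."""
    rows = {}
    for line in text.splitlines():
        m = LINE.search(line.strip())
        if not m:
            continue
        column, index, kind, value = m.groups()
        row = rows.setdefault(int(index), {})
        if column == "cipSecTunRemoteAddr" and kind == "Hex-STRING":
            # The address arrives as raw octets printed in hex.
            row["peer"] = str(ipaddress.ip_address(bytes.fromhex(value)))
        elif column == "cipSecTunStatus":
            # Accept both "active(1)" (MIB loaded) and a bare "1".
            row["status"] = int(re.search(r"\d+", value).group())
    return rows

def down_sites(text, expected=EXPECTED_PEERS):
    """Sites with no active(1) tunnel row; a missing row counts as down."""
    active = {r["peer"] for r in parse_walk(text).values()
              if r.get("status") == 1 and "peer" in r}
    return sorted(site for peer, site in expected.items() if peer not in active)

if __name__ == "__main__":
    print(down_sites(SAMPLE_WALK))
```
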