[PIX 501, 6.3] Syslog, VPN

Discussion in 'Cisco' started by Akut, Jan 7, 2007.

  1. Akut

    Akut Guest

    Hi,

    I have a problem establishing a VPN connection and I'd like to log what's
    happening (IKE phase1 & IPSec phase2) with a syslog server.
    My syslog server is receiving logs, but I can't find how to enable logging
    of any VPN connection information.
    Could you please help me?

    Thanks,
    Akut.
     
    Akut, Jan 7, 2007
    #1

  2. Akut

    Bod43 Guest

    logging trap debug
    deb cry isa
    debug cry ipsec

    deb cry ? ! for help.

    sh deb
     
    Bod43, Jan 7, 2007
    #2

  3. Akut

    Akut Guest

    Thank you for your answer.
    I entered it, but I still can't see anything about the VPN in the syslog :-/
    I think something's wrong with the conf:

    ....
    pager lines 24
    logging on
    logging monitor errors
    logging trap debugging
    logging host inside 192.168.122.253
    ip audit info action alarm
    ip audit attack action alarm
    pdm logging informational 100
    pdm history enable
    access-group inside in interface inside
    aaa-server TACACS+ protocol tacacs+
    aaa-server TACACS+ max-failed-attempts 3
    aaa-server TACACS+ deadtime 10
    aaa-server RADIUS protocol radius
    aaa-server RADIUS max-failed-attempts 3
    aaa-server RADIUS deadtime 10
    aaa-server LOCAL protocol local
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    sysopt connection permit-ipsec
    ....


    Thx again,
    Akut
     
    Akut, Jan 7, 2007
    #3
  4. Akut

    Akut Guest

    logging trap debug

    pix11(config)# sh log

    Syslog logging: enabled
    Facility: 20
    Timestamp logging: disabled
    Standby logging: disabled
    Console logging: disabled
    Monitor logging: level errors, 0 messages logged
    Buffer logging: disabled
    Trap logging: level debugging, 174 messages logged
    Logging to inside 192.168.122.253
    History logging: disabled
    Device ID: disabled

    ?
     
    Akut, Jan 7, 2007
    #4
  5. Akut

    Bod43 Guest

    Ah! Now you tell us it's a Pix :)

    Google groups did not have that in the original subject.

    I know little of the Pix.

    I have no idea what the crypto debugging commands might be.

    If you turn on buffer logging you will then get the messages
    written to the local buffer and will be able to see them with "sh
    logg".
    On a router the default buffer size is only 4k and you need to
    increase it to be useful, say with "logging buffered 50000".
    On Pix???

    Sorry, someone with a clue will be along shortly.
     
    Bod43, Jan 7, 2007
    #5
  6. Akut

    mak Guest

    mak, Jan 8, 2007
    #6