debug crypto isakmp on ASA

Unanswered Question
Dec 11th, 2007
User Badges:

Folks,

I have an ASA and would like to see why my ipsec tunnel is not coming up.

I enable logging. and then type in "debug crypto isakmp", but see nothing, in old pix could, it was so easy to troubleshoot but with 7.x code is there a good command to see debug output?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
husycisco Tue, 12/11/2007 - 11:31
User Badges:
  • Gold, 750 points or more

Hi Navin

try

debug crypto isakmp 50

Also using syslogs is really useful. You know ASDM has one built-in. Set the loggig level to notifications


Regards

JORGE RODRIGUEZ Tue, 12/11/2007 - 11:37
User Badges:
  • Green, 3000 points or more

if doing the debug from telnet session you need to enable terminal monitor, try this.


ciscoasa#terminal monitor


then use your debug , to disable it issue terminal no monitor


HTH

Jorge





rmaxson2@comcast.net Fri, 12/14/2007 - 12:34
User Badges:

Quick trick, since debug can run away on you making it hard to enter commands. do this enter the NO version of the command first then enter the command like.


no debug crypto isa

debug crypto isa


that way if it takes off all you do is hit up arrow once and return to end the command.





Actions

This Discussion