How can I debug VPN connections on a Cisco ASA?

Unanswered Question
Apr 3rd, 2008
User Badges:

Hi,


I have a Cisco ASA and I am trying to get a Cisco 877 DSL router connected to it using the ASDM VPN wizard, but can't.


I have just had the 877 DSL router connect to my Cisco Concentrator and have simlpy changed the peer address on the router to now point to the ASA's external IP instead of the Concentrator. The Concentrator is good because I like it's real-time event viewer and it can tell me if the Concentrator is even seeing the connection attempt, but how can I dall this on the ASA?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Thu, 04/03/2008 - 10:43
User Badges:
  • Blue, 1500 points or more

debug crypto isakmp

debug crypto ipsec

whiteford Fri, 04/04/2008 - 04:16
User Badges:

Can I do anything through the ASDM?


Plus how do I undebug those commands?

phillipediab Thu, 04/10/2008 - 13:46
User Badges:

you can enable logging debug to the asdm and see the loggin messages on the asdm console. "un all" should stop the debug

phillipediab Thu, 04/10/2008 - 13:47
User Badges:

you can enable logging debug to the asdm and see the loggin messages on the asdm console. "un all" should stop the debug

phillipediab Thu, 04/10/2008 - 13:49
User Badges:

you can enable logging debug to the asdm and see the loggin messages on the asdm console. "un all" should stop the debug

whiteford Fri, 04/11/2008 - 03:05
User Badges:

Thanks, what's the best way to show the VPN's up via CLI?

srue Fri, 04/11/2008 - 04:30
User Badges:
  • Blue, 1500 points or more

show isa sa

- that will show the status of phase 1

show cry ipsec sa

- that will show the status of phase 2, as well as number of encrypted/decrypted packets

Actions

This Discussion