IPSEC VPN log

Unanswered Question
Aug 26th, 2009

Hi,

I have a Cisco 2811 router with IPSEC site to site VPN configured to a particular IP. I have a log server (linux box) in my network. I need to log all VPN events (tunnel establishment, various phases etc.) so that even if the tunnel goes down, I can see what happened that particular time. Currently I have debug crypto ipsec and debug crypto isakmp on and the events are logged in my log server. Turning on the debugs increases my router processor utilization. Is there any other way (apart from turning on the debug) to log the VPN activity?

Thanks for any response.

sunsrini Wed, 08/26/2009 - 10:56

I doubt there are any syslogs for ipsec negotiation phases, but you can turn on syslog for session up/down. Other than that you have only debugs to check.

crypto logging session
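
Added example, not part of the reply above or of Cisco's documentation: a script for the Linux log server that turns the session up/down messages into a per-peer outage list. It assumes the messages arrive as %CRYPTO-5-SESSION_STATUS lines with a classic syslog timestamp; the host name rtr2811, the addresses and the log lines are constructed samples.

```python
import re
from datetime import datetime

# Assumed message shape for the session up/down syslog lines.
SESSION_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s.*"
    r"%CRYPTO-5-SESSION_STATUS: Crypto tunnel is (?P<state>UP|DOWN)\s*\.\s+"
    r"Peer (?P<peer>[\d.]+):(?P<port>\d+)"
)

# Constructed sample lines (documentation addresses, hypothetical host rtr2811).
SAMPLE_LOG = """\
Aug 26 06:01:12 rtr2811 101: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP  .  Peer 192.0.2.10:500       Id: 192.0.2.10
Aug 26 06:05:40 rtr2811 102: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
Aug 26 09:14:03 rtr2811 103: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN.  Peer 192.0.2.10:500       Id: 192.0.2.10
Aug 26 09:16:33 rtr2811 104: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP  .  Peer 192.0.2.10:500       Id: 192.0.2.10
Aug 26 11:30:00 rtr2811 105: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN.  Peer 192.0.2.10:500       Id: 192.0.2.10
"""

def parse_events(text, year):
    """Return (timestamp, peer, state) for every session status line."""
    events = []
    for line in text.splitlines():
        m = SESSION_RE.match(line)
        if m:
            # Classic syslog timestamps carry no year, so the caller supplies it.
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["peer"], m["state"]))
    return events

def outages(events):
    """Pair each DOWN with the next UP per peer; up_at is None if still down."""
    down_since, result = {}, []
    for ts, peer, state in sorted(events):
        if state == "DOWN":
            down_since.setdefault(peer, ts)   # keep the first DOWN of an outage
        elif peer in down_since:
            start = down_since.pop(peer)
            result.append((peer, start, ts, int((ts - start).total_seconds())))
    # Tunnels that never came back are reported with no end time.
    result.extend((p, start, None, None) for p, start in down_since.items())
    return result

if __name__ == "__main__":
    for peer, start, end, secs in outages(parse_events(SAMPLE_LOG, 2009)):
        print(peer, start, end or "still down", secs)
```
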

cameron.moody Thu, 08/27/2009 - 00:49

I suppose another option may be to enable snmp for ipsec? This may give the info that you need?

•CISCO-IPSEC-FLOW-MONITOR-MIB

•CISCO-IPSEC-MIB

•CISCO-IPSEC-POLICY-MAP-MIB

HTH

Cameron

ribin.jones Thu, 08/27/2009 - 04:21

How do I enable snmp for ipsec? Any commands highly appreciated.

Posted August 26, 2009 at 6:19 AM