IPSEC VPN log

Unanswered Question
Aug 26th, 2009

Hi,

I have a Cisco 2811 router with IPSEC site to site VPN configured to a particular IP. I have a log server (linux box) in my network. I need to log all VPN events (tunnel establishment, various phases etc.) so that evenif the tuneel goes down, I can see what happened that particular time. Currently I have debug crypto ipsec and debug crypto isakmp on and the events are logged in my log server. Turning on the debugs increases my router processor utilization. Is there any other way (apart from turning on the debug) to log the VPN activity?

Thanks for any response.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
sunsrini Wed, 08/26/2009 - 10:56

I doubt there is any syslogs for ipsec negotiation phases but you can turn on syslog for session up/down. Other than that you have only debugs to check.

crypto logging session

cameron.moody Thu, 08/27/2009 - 00:49

I suppose another option may be to enable snmp for ipsec? This may give the info that you need?

•CISCO-IPSEC-FLOW-MONITOR- MIB

•CISCO-IPSEC-MIB

•CISCO-IPSEC-POLICY-MAP-MIB

HTH

Cameron

Actions

Login or Register to take actions

This Discussion

Posted August 26, 2009 at 6:19 AM
Stats:
Replies:3 Avg. Rating:
Views:297 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard