filtering log messages

benlemasurier
Level 1

I'm attempting to debug an ipsec tunnel on an ASA 5510 (8.4(3)), and when I turn on `debug crypto ipsec` and then execute `logging monitor` I get a constant stream of TCP debugging events. Is it possible to only view ipsec messages?

2 Replies

mikeburr1234
Level 1

Have you tried using the debug crypto condition commands:

```
ciscoasa# debug crypto condition ?

  error      Display debug error messages regardless of filters
  group      Filter on a group name
  peer       Filter on a peer address or subnet
  reset      Clear the crypto debug filters
  spi        Filter on an IPSec SPI
  unmatched  Display messages with insufficient context to match a filter
  user       Filter on a user name
```

kamran_Roostaee
Level 1

It seems that you are using VPN, so if you want to check the tunnel you can use show and debug, but you should classify the problem. If you have a security issue, you can use `show crypto isakmp sa`, which shows isakmp operational data, but if you want to see the detailed isakmp negotiation you can use `debug crypto isakmp`. If the problem is related to the ipsec tunnel, you can use `show crypto ipsec sa` or `debug crypto ipsec`, and you can add a debug level at the end of the command. The default is 1; for example, you can use `debug crypto ipsec 7` to debug detailed ipsec negotiations.
