PPTP, L2TP, L2TP over IPSEC important Debugs

Document

Wed, 02/01/2012 - 22:12
Jun 28th, 2011
User Badges:
  • Silver, 250 points or more

Introduction: This document describes the useful commands for troubleshooting PPTP, L2TP and L2TP over ipsec related issues.




Q1.  PPTP Useful debugs Commands---



PIX:

  • debug ppp io
  • debug ppp error
  • debug vpdn error
  • debug vpdn packet
  • debug vpdn event
  • debug ppp uauth


  


Router:


  • debug ppp authen
  • debug ppp nego
  • debug aaa auten
  • debug mppe event
  • debug mppe packet
  • debug vpdn event
  • debug vpdn error
  • debug vpdn packet


Show Commands----


  • show run – Display the running configuration
  • show vpdn - Display the active PPTP clients




VPN 3000 Concentrator



  • Config->events->classes; Add auth (severity to log: 13)
  • authdbg (severity to log: 13)
  • ppp (severity to log: 13)
  • pppdbg (severity to log: 13)
  • pptp (severity to log: 13)
  • pptpdbg (severity to log: 13




Q2.  L2TP useful debugs---




Router:




  • debug vpdn error
  • debug vpdn l2x-errors
  • debug vpdn l2x-events
  • debug vpdn l2x-packets



For AAA issues: (Along with above debugs)


  • debug radius
  • debug aaa authentication/authorization/accounting.


Show Commands----


  • show vpdn – Display the active L2TP clients
  • show ppp mppe virtual-Access 1 - Displays MPPE information for virtual-access interface 1



Q3.  L2TP over IPsec


  • debug crypto isakmp 7—Displays the ISAKMP negotiations of Phase 1
  • debug crypto ipsec 7—Displays the IPsec negotiations of Phase 2.
  • show crypto isakmp sa- Show all current IKE sessions
  • show crypto ipsec sa—Shows all current ISPEC security associations (SAs) at a peer.



Show Commands----


  • show crypto ipsec sa—Shows all current IKE security associations (SAs) at a peer.
  • show crypto isakmp sa—Shows all current IKE SAs at a peer
  • show vpn-sessiondb - Display information about VPN sessions
  • show vpn-sessiondb summary – Display Summary of VPN sessions


References-------

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a0080094501.shtml

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807213a7.shtml

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080093f89.shtml

Loading.

Actions

This Document

Related Content