11-27-2007 12:54 AM - edited 03-09-2019 07:29 PM
Running 12.4(17) (c3825-advipservicesk9-mz.124-17) on a 3825 (w/VPN module) in my lab. I have a working VPN tunnel to an older 12.3 IOS router. It's a basic crypto map, so I'll no include the config. It does work. I can bring it up with interesting traffic and break it with a clear crypo session. no problems with VPN itself.
With that said, how the heck can I monitor this thing? It seems the CRYPTO-5-SESSION_STATUS (up/down) log messages are no longer being generated. I've seen several post regarding this "problem" on usenet and the web, but have found no answer why it's gone and what may be the alternative, if any.
I just need a way to monitor these tunnels. The CRYPTO-5-SESSION_STATUS messages was the only way I knew of.
Any help would be greatly appreciated.
MikeG
11-27-2007 10:44 AM
BTW, as far as I can tell, the CRYPTO-5-SESSION_STATUS messages *should* be there.
http://cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455af9.html
MikeG
11-27-2007 03:38 PM
Got the answer from TAC. For some reason, the developers added a new command to turn these messages on (it's off by default). In the past, it's always been on by default (with no way of disabling it).
! In config t
crypto logging session
That turns it on. YAY!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide