09-26-2014 08:40 AM
Hello
The RV320 logs are very poor to troubleshoot VPN issues, even with external syslog facility, at the maximum log level the device does not log any VPN event.
Is there a way to increase the log level?
Is there a separate syslog facility local# for VPN?
Where to get extensive documentation about syslog facilities numbers used by RV320?
Thank you
10-15-2014 11:36 PM
Hi, having the exact same issue with RV325
Did you manage to get more logs? how? where?
Thanks!
10-22-2014 03:54 AM
Cisco support team is trying to fix this up, but it's not working
They managed to build a working tunnel but that's not the point, we need VPN logs, period.
It looks like the device only starts VPN log after a succesfull VPN connection, making the device impossible to setup, diagnose or monitor failed VPN connections. This is a no go.
using external syslog does not help, the only VPN related output I get in log is :
Oct 22 12:32:18 10.0.0.254 VPN Log: [g2gips0]: [Tunnel Disconnected]
what I should get (and is a must have) would be :
2014-10-20, 05:15:31 | VPN Log | [g2gips2] #11: [Tunnel Established] ISAKMP SA established |
2014-10-20, 05:15:54 | VPN Log | [g2gips2] #14: [Tunnel Established] sent MR3, ISAKMP SA established |
2014-10-20, 05:15:55 | VPN Log | [g2gips2]: cmd=up-client peer=62.176.126.28 peer_client=192.168.1.0/24 peer_client_net=192.168.1.0 peer_client_mask=255.255.255.0 |
2014-10-20, 05:15:55 | VPN Log | ip route add 192.168.1.0/24 via 88.161.221.254 dev eth1 metric 35 |
2014-10-20, 05:15:55 | VPN Log | iptables -t nat -I vpn -s 10.0.0.0/24 -d 192.168.1.0/24 -j ACCEPT |
2014-10-20, 05:15:55 | VPN Log | iptables -t nat -I vpn -s 192.168.1.0/24 -d 10.0.0.0/24 -j ACCEPT |
2014-10-20, 05:15:55 | VPN Log | iptables -t nat -I vpn_postrouting -s 10.0.0.0/24 -d 192.168.1.0/24 -j ACCEPT |
2014-10-20, 05:15:55 | VPN Log | iptables -t nat -I vpn_postrouting -o eth0 -s 192.168.1.0/24 -d 10.0.0.0/24 -j ACCEPT |
2014-10-20, 05:15:55 | VPN Log | [g2gips2] #15: [Tunnel Established] IPsec SA established {ESP=>0xc570a9c8 < 0xc43d09ba} |
2014-10-20, 05:16:53 | VPN Log | [g2gips2] #15: [Tunnel Negotiation Fail] DPD: Could not find newest phase 1 state |
2014-10-20, 05:26:44 | User Log | User cisco Session Expired |
2014-10-20, 06:14:42 | VPN Log | [g2gips2] #16: [Tunnel Established] sent MR3, ISAKMP SA established |
2014-10-20, 06:14:42 | VPN Log | [g2gips2] #17: [Tunnel Established] IPsec SA established {ESP=>0xc0931255 < 0xc928b34e} |
2014-10-20, 06:14:42 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc570a9c8) not found (maybe expired) |
2014-10-20, 07:13:34 | VPN Log | [g2gips2] #18: [Tunnel Established] IPsec SA established {ESP=>0xcea6223a < 0xcfbc92ba} |
2014-10-20, 07:13:34 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc0931255) not found (maybe expired) |
2014-10-20, 08:12:20 | VPN Log | [g2gips2] #19: [Tunnel Established] IPsec SA established {ESP=>0xcdb2138d < 0xcfa80369} |
2014-10-20, 08:12:20 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcea6223a) not found (maybe expired) |
2014-10-20, 09:11:09 | VPN Log | [g2gips2] #20: [Tunnel Established] IPsec SA established {ESP=>0xc5aeba36 < 0xcd182a7c} |
2014-10-20, 09:11:09 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcdb2138d) not found (maybe expired) |
2014-10-20, 10:09:57 | VPN Log | [g2gips2] #21: [Tunnel Established] IPsec SA established {ESP=>0xc862dbe2 < 0xc68a5a29} |
2014-10-20, 10:09:57 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc5aeba36) not found (maybe expired) |
2014-10-20, 11:08:45 | VPN Log | [g2gips2] #22: [Tunnel Established] IPsec SA established {ESP=>0xc8c5d191 < 0xc7009873} |
2014-10-20, 11:08:45 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc862dbe2) not found (maybe expired) |
2014-10-20, 12:07:29 | VPN Log | [g2gips2] #23: [Tunnel Established] IPsec SA established {ESP=>0xcbb5aca6 < 0xc087d294} |
2014-10-20, 12:07:29 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc8c5d191) not found (maybe expired) |
2014-10-20, 13:06:16 | VPN Log | [g2gips2] #24: [Tunnel Established] IPsec SA established {ESP=>0xce08b895 < 0xca8ee98b} |
2014-10-20, 13:06:16 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcbb5aca6) not found (maybe expired) |
2014-10-20, 14:05:03 | VPN Log | [g2gips2] #25: [Tunnel Established] IPsec SA established {ESP=>0xc84ace20 < 0xc66ee4e5} |
2014-10-20, 14:05:03 | VPN Log | [g2gips2] #16: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xce08b895) not found (maybe expired) |
2014-10-20, 14:13:46 | VPN Log | [g2gips2] #26: [Tunnel Established] sent MR3, ISAKMP SA established |
2014-10-20, 15:03:54 | VPN Log | [g2gips2] #27: [Tunnel Established] IPsec SA established {ESP=>0xc8808731 < 0xc6aaaf12} |
2014-10-20, 15:03:54 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc84ace20) not found (maybe expired) |
2014-10-20, 16:02:47 | VPN Log | [g2gips2] #28: [Tunnel Established] IPsec SA established {ESP=>0xc20db40f < 0xcbcbb7c5} |
2014-10-20, 16:02:47 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc8808731) not found (maybe expired) |
2014-10-20, 17:01:39 | VPN Log | [g2gips2] #29: [Tunnel Established] IPsec SA established {ESP=>0xc8f8b88c < 0xc87177ac} |
2014-10-20, 17:01:39 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc20db40f) not found (maybe expired) |
2014-10-20, 18:00:24 | VPN Log | [g2gips2] #30: [Tunnel Established] IPsec SA established {ESP=>0xc24edeb7 < 0xc31180a7} |
2014-10-20, 18:00:24 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc8f8b88c) not found (maybe expired) |
2014-10-20, 18:59:12 | VPN Log | [g2gips2] #31: [Tunnel Established] IPsec SA established {ESP=>0xcf388896 < 0xcca051f9} |
2014-10-20, 18:59:12 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc24edeb7) not found (maybe expired) |
2014-10-20, 19:57:59 | VPN Log | [g2gips2] #32: [Tunnel Established] IPsec SA established {ESP=>0xcb12a9c8 < 0xc6d3e8a4} |
2014-10-20, 19:57:59 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcf388896) not found (maybe expired) |
2014-10-20, 20:56:46 | VPN Log | [g2gips2] #33: [Tunnel Established] IPsec SA established {ESP=>0xcdc041c8 < 0xc69fa232} |
2014-10-20, 20:56:46 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcb12a9c8) not found (maybe expired) |
2014-10-20, 21:55:36 | VPN Log | [g2gips2] #34: [Tunnel Established] IPsec SA established {ESP=>0xc4f97df6 < 0xc4a67abd} |
2014-10-20, 21:55:36 | VPN Log | [g2gips2] #26: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcdc041c8) not found (maybe expired) |
2014-10-20, 22:12:56 | VPN Log | [g2gips2] #35: [Tunnel Established] sent MR3, ISAKMP SA established |
2014-10-20, 22:54:27 | VPN Log | [g2gips2] #36: [Tunnel Established] IPsec SA established {ESP=>0xc3716585 < 0xc41ab42b} |
2014-10-20, 22:54:27 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc4f97df6) not found (maybe expired) |
2014-10-20, 23:53:13 | VPN Log | [g2gips2] #37: [Tunnel Established] IPsec SA established {ESP=>0xcfc747c8 < 0xc5994856} |
2014-10-20, 23:53:13 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc3716585) not found (maybe expired) |
2014-10-21, 00:51:58 | VPN Log | [g2gips2] #38: [Tunnel Established] IPsec SA established {ESP=>0xcf4ea957 < 0xc566c6d3} |
2014-10-21, 00:51:58 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcfc747c8) not found (maybe expired) |
2014-10-21, 01:50:48 | VPN Log | [g2gips2] #39: [Tunnel Established] IPsec SA established {ESP=>0xc4f4ddc5 < 0xc852f0a8} |
2014-10-21, 01:50:48 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcf4ea957) not found (maybe expired) |
2014-10-21, 02:49:33 | VPN Log | [g2gips2] #40: [Tunnel Established] IPsec SA established {ESP=>0xc4d14f63 < 0xc841322e} |
2014-10-21, 02:49:33 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc4f4ddc5) not found (maybe expired) |
2014-10-21, 03:48:17 | VPN Log | [g2gips2] #41: [Tunnel Established] IPsec SA established {ESP=>0xcab61c1d < 0xc8e06d65} |
2014-10-21, 03:48:17 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc4d14f63) not found (maybe expired) |
2014-10-21, 04:47:10 | VPN Log | [g2gips2] #42: [Tunnel Established] IPsec SA established {ESP=>0xcc4d0867 < 0xc5370a2f} |
2014-10-21, 04:47:10 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcab61c1d) not found (maybe expired) |
2014-10-21, 05:45:57 | VPN Log | [g2gips2] #43: [Tunnel Established] IPsec SA established {ESP=>0xcb8459a9 < 0xcab43b24} |
2014-10-21, 05:45:57 | VPN Log | [g2gips2] #35: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcc4d0867) not found (maybe expired) |
2014-10-21, 06:12:00 | VPN Log | [g2gips2] #44: [Tunnel Established] sent MR3, ISAKMP SA established |
2014-10-21, 06:44:47 | VPN Log | [g2gips2] #45: [Tunnel Established] IPsec SA established {ESP=>0xc1d633d9 < 0xc5b9214f} |
2014-10-21, 06:44:47 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcb8459a9) not found (maybe expired) |
2014-10-21, 07:43:37 | VPN Log | [g2gips2] #46: [Tunnel Established] IPsec SA established {ESP=>0xc8a6235e < 0xc549a18d} |
2014-10-21, 07:43:37 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc1d633d9) not found (maybe expired) |
2014-10-21, 08:42:28 | VPN Log | [g2gips2] #47: [Tunnel Established] IPsec SA established {ESP=>0xc563592a < 0xc033e13d} |
2014-10-21, 08:42:28 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc8a6235e) not found (maybe expired) |
2014-10-21, 09:41:12 | VPN Log | [g2gips2] #48: [Tunnel Established] IPsec SA established {ESP=>0xc6c5e0b6 < 0xc9acd1e2} |
2014-10-21, 09:41:12 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc563592a) not found (maybe expired) |
2014-10-21, 10:40:03 | VPN Log | [g2gips2] #49: [Tunnel Established] IPsec SA established {ESP=>0xc49d311a < 0xca8961e8} |
2014-10-21, 10:40:03 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc6c5e0b6) not found (maybe expired) |
2014-10-21, 11:38:53 | VPN Log | [g2gips2] #50: [Tunnel Established] IPsec SA established {ESP=>0xc682b92b < 0xc01e3e5f} |
2014-10-21, 11:38:53 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc49d311a) not found (maybe expired) |
2014-10-21, 12:37:41 | VPN Log | [g2gips2] #51: [Tunnel Established] IPsec SA established {ESP=>0xc0e9d4eb < 0xc0c1b26a} |
2014-10-21, 12:37:41 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc682b92b) not found (maybe expired) |
2014-10-21, 13:36:29 | VPN Log | [g2gips2] #52: [Tunnel Established] IPsec SA established {ESP=>0xc424276a < 0xc0467e19} |
2014-10-21, 13:36:29 | VPN Log | [g2gips2] #44: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc0e9d4eb) not found (maybe expired) |
2014-10-21, 14:11:11 | VPN Log | [g2gips2] #53: [Tunnel Established] sent MR3, ISAKMP SA established |
2014-10-21, 14:35:19 | VPN Log | [g2gips2] #54: [Tunnel Established] IPsec SA established {ESP=>0xcd1fd84c < 0xcf04b6c7} |
2014-10-21, 14:35:19 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc424276a) not found (maybe expired) |
2014-10-21, 15:34:04 | VPN Log | [g2gips2] #55: [Tunnel Established] IPsec SA established {ESP=>0xc3113be6 < 0xc65372f0} |
2014-10-21, 15:34:04 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcd1fd84c) not found (maybe expired) |
2014-10-21, 16:32:50 | VPN Log | [g2gips2] #56: [Tunnel Established] IPsec SA established {ESP=>0xce3366c1 < 0xc07a386a} |
2014-10-21, 16:32:50 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc3113be6) not found (maybe expired) |
2014-10-21, 17:31:41 | VPN Log | [g2gips2] #57: [Tunnel Established] IPsec SA established {ESP=>0xc4e798d5 < 0xcbf28568} |
2014-10-21, 17:31:41 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xce3366c1) not found (maybe expired) |
2014-10-21, 18:30:34 | VPN Log | [g2gips2] #58: [Tunnel Established] IPsec SA established {ESP=>0xca3ae297 < 0xc3bbfe7a} |
2014-10-21, 18:30:34 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc4e798d5) not found (maybe expired) |
2014-10-21, 19:29:19 | VPN Log | [g2gips2] #59: [Tunnel Established] IPsec SA established {ESP=>0xc1367073 < 0xc98417bb} |
2014-10-21, 19:29:19 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xca3ae297) not found (maybe expired) |
2014-10-21, 20:28:09 | VPN Log | [g2gips2] #60: [Tunnel Established] IPsec SA established {ESP=>0xc3154e60 < 0xc49981b4} |
2014-10-21, 20:28:09 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc1367073) not found (maybe expired) |
2014-10-21, 21:26:54 | VPN Log | [g2gips2] #61: [Tunnel Established] IPsec SA established {ESP=>0xc3f9cda2 < 0xc91f6fb0} |
2014-10-21, 21:26:54 | VPN Log | [g2gips2] #53: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc3154e60) not found (maybe expired) |
2014-10-21, 22:10:12 | VPN Log | [g2gips2] #62: [Tunnel Established] sent MR3, ISAKMP SA established |
2014-10-21, 22:25:42 | VPN Log | [g2gips2] #63: [Tunnel Established] IPsec SA established {ESP=>0xcd940687 < 0xcbd22c5d} |
2014-10-21, 22:25:42 | VPN Log | [g2gips2] #62: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xc3f9cda2) not found (maybe expired) |
2014-10-21, 23:24:29 | VPN Log | [g2gips2] #64: [Tunnel Established] IPsec SA established {ESP=>0xcae03dc9 < 0xc85cb2f9} |
2014-10-21, 23:24:29 | VPN Log | [g2gips2] #62: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcd940687) not found (maybe expired) |
2014-10-22, 00:23:18 | VPN Log | [g2gips2] #65: [Tunnel Established] IPsec SA established {ESP=>0xcc14effb < 0xc17a1642} |
2014-10-22, 00:23:18 | VPN Log | [g2gips2] #62: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcae03dc9) not found (maybe expired) |
2014-10-22, 01:22:09 | VPN Log | [g2gips2] #66: [Tunnel Established] IPsec SA established {ESP=>0xc8605908 < 0xcb101988} |
2014-10-22, 01:22:09 | VPN Log | [g2gips2] #62: [Tunnel Authorize Fail] ignoring Delete SA payload: PROTO_IPSEC_ESP SA(0xcc14effb) not found (maybe expired) |
2014-10-22, 01:55:35 | VPN Log | [g2gips2] #62: [Tunnel Negotiation Fail] DPD: No response from peer - declaring peer dead |
2014-10-22, 01:55:35 | VPN Log | [g2gips2]: cmd=down-client peer=62.176.126.28 peer_client=192.168.1.0/24 peer_client_net=192.168.1.0 peer_client_mask=255.255.255.0 |
2014-10-22, 01:55:35 | VPN Log | ip route del 192.168.1.0/24 via 88.161.221.254 dev eth1 metric 35 |
2014-10-22, 01:55:35 | VPN Log | iptables -t nat -D vpn -s 10.0.0.0/24 -d 192.168.1.0/24 -j ACCEPT |
2014-10-22, 01:55:35 | VPN Log | iptables -t nat -D vpn -s 192.168.1.0/24 -d 10.0.0.0/24 -j ACCEPT |
2014-10-22, 01:55:35 | VPN Log | iptables -t nat -D vpn_postrouting -s 10.0.0.0/24 -d 192.168.1.0/24 -j ACCEPT |
2014-10-22, 01:55:35 | VPN Log | iptables -t nat -D vpn_postrouting -o eth0 -s 192.168.1.0/24 -d 10.0.0.0/24 -j ACCEPT |
10-24-2014 05:25 AM
Hello
Thanks to cisco support, I tested with a working tunnel, and that's what I feared :
the device has the "feature" to only log VPN success, if you don't have a successful VPN connection, you get no log and stay in the cold.
This is insane, as logs are needed to pinpoint problems, failures or monitor breakins attempts etc....
A device well fit for bin, stay away
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide