Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Network status UP DOWN.

Hi All,

I have Cisco IOS ISR as VPN box with 12.4(5) image.

I am facing some problems in VPN connections to my B.O, but as of now we used to know the VPN trouble only when then user informs us.

Is it possible to detect the VPN connection status automatically?

That is I should know when the VPN connections goes down between H.O and any B.O, so I can look into the trouble before and not by user informing us.

As of now I have enabled to see the status manually in the router.

033619: Nov 21 00:06:46.458 : %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer A.B.C.D:500 Description: Tunnel toA.B.C.D(B.O1) Id: P.Q.R.S

033621: Nov 21 00:07:30.179 : %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer A.B.C.D:500 Description: Tunnel toA.B.C.D(B.O1) Id: P.Q.R.S

What configuration needs to be done for getting status of tunnels automatically to me (thru e-mail is most preferred)?

We have SNMP server too, but what all setup and config need in it and router?

Thank you.

2 REPLIES

Re: Network status UP DOWN.

Hi,

You can install a Syslog server which will collect all the logs and then you can send the logs to the email server. There are a lots of freeware syslog servers that you can use.

Cattools,3com syslog servers etc.

-amit singh

New Member

Re: Network status UP DOWN.

Thank you very much for the reply.

I have syslog server and logs are send to syslog server.

But sending all the logs to email server is very difficult.

If I enable the below commands, will the VPN tunnel status send to SNMP server and from SNMP server, generate an e-mail alter to me on the perticular traps?

crypto mib ipsec flowmib history failure size 200

crypto mib ipsec flowmib history tunnel size 200

snmp-server community xxxxxxxx

snmp-server trap-source FastEthernet0/0

snmp-server location a.b.c.d

snmp-server contact xxxx

snmp-server enable traps isakmp tunnel start

snmp-server enable traps isakmp tunnel stop

snmp-server enable traps ipsec tunnel start

snmp-server enable traps ipsec tunnel stop

snmp-server enable traps ipsec too-many-sas

snmp-server host a.b.c.d xxxxxxx ipsec isakmp

But with the below MIBs will it be able to setup in SNMP server?

# CISCO-IPSEC-FLOW-MONITOR- MIB

# CISCO-IPSEC-MIB

# CISCO-IPSEC-POLICY-MAP-MIB

160
Views
0
Helpful
2
Replies