Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
292
Views
0
Helpful
2
Replies

Network status UP DOWN.

examples20001
Level 1
Level 1

‎11-21-2006 05:38 PM - edited ‎03-03-2019 02:46 PM

Hi All,

I have Cisco IOS ISR as VPN box with 12.4(5) image.

I am facing some problems in VPN connections to my B.O, but as of now we used to know the VPN trouble only when then user informs us.

Is it possible to detect the VPN connection status automatically?

That is I should know when the VPN connections goes down between H.O and any B.O, so I can look into the trouble before and not by user informing us.

As of now I have enabled to see the status manually in the router.

033619: Nov 21 00:06:46.458 : %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer A.B.C.D:500 Description: Tunnel toA.B.C.D(B.O1) Id: P.Q.R.S

033621: Nov 21 00:07:30.179 : %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer A.B.C.D:500 Description: Tunnel toA.B.C.D(B.O1) Id: P.Q.R.S

What configuration needs to be done for getting status of tunnels automatically to me (thru e-mail is most preferred)?

We have SNMP server too, but what all setup and config need in it and router?

Thank you.

Labels:
0 Helpful
2 Replies 2

amit-singh
Level 8
Level 8

‎11-21-2006 08:57 PM

Hi,

You can install a Syslog server which will collect all the logs and then you can send the logs to the email server. There are a lots of freeware syslog servers that you can use.

Cattools,3com syslog servers etc.

-amit singh

0 Helpful

examples20001
Level 1
Level 1
In response to amit-singh

‎11-21-2006 11:16 PM

Thank you very much for the reply.

I have syslog server and logs are send to syslog server.

But sending all the logs to email server is very difficult.

If I enable the below commands, will the VPN tunnel status send to SNMP server and from SNMP server, generate an e-mail alter to me on the perticular traps?

crypto mib ipsec flowmib history failure size 200

crypto mib ipsec flowmib history tunnel size 200

snmp-server community xxxxxxxx

snmp-server trap-source FastEthernet0/0

snmp-server location a.b.c.d

snmp-server contact xxxx

snmp-server enable traps isakmp tunnel start

snmp-server enable traps isakmp tunnel stop

snmp-server enable traps ipsec tunnel start

snmp-server enable traps ipsec tunnel stop

snmp-server enable traps ipsec too-many-sas

snmp-server host a.b.c.d xxxxxxx ipsec isakmp

But with the below MIBs will it be able to setup in SNMP server?

# CISCO-IPSEC-FLOW-MONITOR- MIB

# CISCO-IPSEC-MIB

# CISCO-IPSEC-POLICY-MAP-MIB

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card