03-17-2006 01:50 PM - edited 03-03-2019 12:05 PM
I having some weird issues with my logs. Up until about 2 months ago my router was logging the following information:
.Jan 8 22:18:54: As1 PPP: Treating connection as a dedicated line
.Jan 8 22:19:07: As1 PPP: Phase is AUTHENTICATING, by this end
.Jan 8 22:19:07: As1 CHAP: O CHALLENGE id 250 len 37 from "WAL01RT06-DIALUP"
.Jan 8 22:19:08: As1 CHAP: I RESPONSE id 250 len 28 from "W817bxl"
.Jan 8 22:19:08: As1 CHAP: O SUCCESS id 250 len 4
Now it no longer logs this info. Is there a logging command that would allow me to start logging this info again?
Thanks
03-17-2006 02:29 PM
Aftering playing around with it for awhile, I figured out that the command is 'debug ppp authentication'. When the router reboot, the debug command went away.
On that note, is there any way to have the router automatically run a debug command if it reboots?
03-17-2006 02:37 PM
These are messages generated by a debug command. You therefore need "debugging" level configured on the router logging. This is how you do that:
R1(config)#logging buffered debugging
R1(config)#end
R1#
00:03:12: %SYS-5-CONFIG_I: Configured from console R1#sh logg
Syslog logging: enabled (1 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns)
Console logging: level debugging, 65 messages logged
Monitor logging: level debugging, 0 messages logged
Buffer logging: level debugging, 275 messages logged
Logging Exception size (4096 bytes)
Count and timestamp logging messages: disabled
Persistent logging: disabled
Trap logging: level informational, 21 message lines logged
R1#
You might also want to configure it on the console as well as follow if you want these messages to show on the router console:
R1(config)#logging console debugging
R1(config)#end
Hope this helps,
03-17-2006 02:52 PM
I have all that setup. The problem is, when the router reboots, it loses the 'debug ppp authentication' command. Can I tell the router to automatically run this command when it boots up?
03-17-2006 03:07 PM
Corey
debug is an exec privilege level command not a configuratin command. So as far as I know there is not any way to configure your router to automatically run the debug ppp authentication when the router reboots.
Perhaps we can think about your question a bit differently and come up with an alternative that might work. What is it in the debug output that you find particularly valuable and helpful. I am guessing that it might be the knowledge of who was gaining ppp access to the router. You can also get that information through the accounting functions of aaa. I have configured several routers where users access the router via ppp. I set up aaa accounting and it sends accounting records that clearly show each user who has successfully authenticated into the router.
If it is not a listing of users who have authenticated then perhaps you can tell us what you are looking for in the debug output and perhaps we can suggest another way to get that information.
HTH
Rick
03-17-2006 03:15 PM
Yes, all I'm trying to get is the user info. How would I set it up with aaa accounting?
Thanks for your help!
03-18-2006 07:04 AM
Corey
I am assuming that you have aaa configured and working. If not then we would have to address a bit more. But assuming that you have working aaa here is what I use and it works well for us:
aaa authentication ppp default if-needed group tacacs+ local
aaa accounting network dial_acct start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
and on the interface(s) where ppp connections will be established I have this:
ppp accounting dial_acct
This send the accounting records for the ppp sessions to the aaa server which provides a report of the ppp activity.
This provides the information that we need. It is lower overhead than depending on debug. And since it is in the configuration it maintains functionality through reboots.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: