Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
0
Helpful
6
Replies

Router Logs

corey.mckinney
Level 1
Level 1

‎03-17-2006 01:50 PM - edited ‎03-03-2019 12:05 PM

I having some weird issues with my logs. Up until about 2 months ago my router was logging the following information:

.Jan 8 22:18:54: As1 PPP: Treating connection as a dedicated line

.Jan 8 22:19:07: As1 PPP: Phase is AUTHENTICATING, by this end

.Jan 8 22:19:07: As1 CHAP: O CHALLENGE id 250 len 37 from "WAL01RT06-DIALUP"

.Jan 8 22:19:08: As1 CHAP: I RESPONSE id 250 len 28 from "W817bxl"

.Jan 8 22:19:08: As1 CHAP: O SUCCESS id 250 len 4

Now it no longer logs this info. Is there a logging command that would allow me to start logging this info again?

Thanks

Labels:
0 Helpful
6 Replies 6

corey.mckinney
Level 1
Level 1

‎03-17-2006 02:29 PM

Aftering playing around with it for awhile, I figured out that the command is 'debug ppp authentication'. When the router reboot, the debug command went away.

On that note, is there any way to have the router automatically run a debug command if it reboots?

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee

‎03-17-2006 02:37 PM

These are messages generated by a debug command. You therefore need "debugging" level configured on the router logging. This is how you do that:

R1(config)#logging buffered debugging

R1(config)#end

R1#

00:03:12: %SYS-5-CONFIG_I: Configured from console R1#sh logg

Syslog logging: enabled (1 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns)

Console logging: level debugging, 65 messages logged

Monitor logging: level debugging, 0 messages logged

Buffer logging: level debugging, 275 messages logged

Logging Exception size (4096 bytes)

Count and timestamp logging messages: disabled

Persistent logging: disabled

Trap logging: level informational, 21 message lines logged

R1#

You might also want to configure it on the console as well as follow if you want these messages to show on the router console:

R1(config)#logging console debugging

R1(config)#end

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

corey.mckinney
Level 1
Level 1
In response to Harold Ritter

‎03-17-2006 02:52 PM

I have all that setup. The problem is, when the router reboots, it loses the 'debug ppp authentication' command. Can I tell the router to automatically run this command when it boots up?

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to corey.mckinney

‎03-17-2006 03:07 PM

Corey

debug is an exec privilege level command not a configuratin command. So as far as I know there is not any way to configure your router to automatically run the debug ppp authentication when the router reboots.

Perhaps we can think about your question a bit differently and come up with an alternative that might work. What is it in the debug output that you find particularly valuable and helpful. I am guessing that it might be the knowledge of who was gaining ppp access to the router. You can also get that information through the accounting functions of aaa. I have configured several routers where users access the router via ppp. I set up aaa accounting and it sends accounting records that clearly show each user who has successfully authenticated into the router.

If it is not a listing of users who have authenticated then perhaps you can tell us what you are looking for in the debug output and perhaps we can suggest another way to get that information.

HTH

Rick

HTH

Rick
0 Helpful

corey.mckinney
Level 1
Level 1
In response to Richard Burts

‎03-17-2006 03:15 PM

Yes, all I'm trying to get is the user info. How would I set it up with aaa accounting?

Thanks for your help!

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to corey.mckinney

‎03-18-2006 07:04 AM

Corey

I am assuming that you have aaa configured and working. If not then we would have to address a bit more. But assuming that you have working aaa here is what I use and it works well for us:

aaa authentication ppp default if-needed group tacacs+ local

aaa accounting network dial_acct start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

and on the interface(s) where ppp connections will be established I have this:

ppp accounting dial_acct

This send the accounting records for the ppp sessions to the aaa server which provides a report of the ppp activity.

This provides the information that we need. It is lower overhead than depending on debug. And since it is in the configuration it maintains functionality through reboots.

HTH

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card