[c-nsp] ASA5500 logging / diagnostic question.
Ryan West
rwest at zyedge.com
Wed Jul 29 15:03:58 EDT 2009
Scott,
If you want debug on a temporary basis for that traffic, you can try 'deb cry isa 2' (or higher than 2, but normally that's enough). Another option is to use logging classes to troubleshoot just the VPN. Here is an example:
logging class vpn monitor debugging
Assuming you have nothing else configured for monitor logging, a term mon will show just this traffic.
-ryan
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Scott Granados
Sent: Wednesday, July 29, 2009 2:55 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] ASA5500 logging / diagnostic question.
Hi, I have what's probably an obvious question but googling isn't returning
an obvious answer.
I'm installing a pair of new ASA5500 devices for the purposes of providing
VPN connectivity to users running the Cisco VPN Client and also two lan to
lan sessions. When I try to connect from a client the client never goes to
the authentication stage and after about 10 seconds drops. What are some
good logging options to have set for debugging connections (especially in a
first time installation) and could someone post a good syslog portion from
their ASA that will send appropriate data to a syslog server? Right now I
seem to be gathering data on connections that are built or taken down but no
warning or error messages. Any pointers would be appreciated.
Thanks
Scott
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list