Monday, February 13, 2017

IPSec Site to Site VPN Debug Command

Trying to identify VPN issues between two sites.

I've got the following enabled:
logging enable
logging buffered informational
logging trap informational
logging asdm informational
logging host switch.link 192.168.x.x
logging host switch.link 192.168.x.x
logging rate-limit 50 1 level 6


Normally you only run the debug commands when you are actually troubleshooting something. What I will do if I don't have a logging server available is to change the logging buffered to debugging and, in SecureCRT (which is the terminal emulator I'm using), save the output on the screen to a text file and then search through that text file for the peer IP of the VPN etc.

If you run debugging level on buffered, trap and host at the same time, it will burden the ASA quite significantly if there is a lot of output.
The best thing would be to have a Linux-based log server where you can use tools like grep to search through the output.
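
One way to do the peer-IP search described above on a Linux log server, as an added example that is not part of the original post. The log lines are constructed and abbreviated, and the function names and peer addresses (203.0.113.x) are assumptions; the point is that a plain `grep 203.0.113.1` would also match peer 203.0.113.10.

```shell
#!/bin/sh
# Constructed, abbreviated sample of saved ASA output (not from the original post).
sample_log() {
cat <<'EOF'
Feb 13 2017 10:01:02: %ASA-5-713041: IP = 203.0.113.10, IKE Initiator: New Phase 1, Intf outside
Feb 13 2017 10:01:03: %ASA-5-713119: Group = 203.0.113.10, IP = 203.0.113.10, PHASE 1 COMPLETED
Feb 13 2017 10:01:04: %ASA-5-713120: Group = 203.0.113.10, IP = 203.0.113.10, PHASE 2 COMPLETED (msgid=0a1b2c3d)
Feb 13 2017 10:02:10: %ASA-5-713119: Group = 203.0.113.1, IP = 203.0.113.1, PHASE 1 COMPLETED
Feb 13 2017 10:05:00: %ASA-5-713119: Group = 203.0.113.10, IP = 203.0.113.10, PHASE 1 COMPLETED
Feb 13 2017 10:06:00: %ASA-6-302013: Built outbound TCP connection 4711 for outside:198.51.100.7/443
EOF
}

# peer_lines FILE PEER_IP
# Print only the lines that mention exactly this peer address.
peer_lines() {
    # Escape the dots so they match literally instead of "any character".
    pat=$(printf '%s' "$2" | sed 's/\./\\./g')
    # Require a non-digit (or line edge) on both sides of the address,
    # so 203.0.113.1 does not also match 203.0.113.10.
    grep -E "(^|[^0-9])${pat}([^0-9]|\$)" "$1"
}

# peer_summary FILE PEER_IP
# Count the peer's messages per ASA message ID, most frequent first.
peer_summary() {
    peer_lines "$1" "$2" |
        sed -n 's/.*\(%ASA-[0-9]-[0-9]*\).*/\1/p' |
        sort | uniq -c | sort -rn
}

# Demo on the constructed sample.
tmp=$(mktemp)
sample_log > "$tmp"
peer_summary "$tmp" 203.0.113.10
rm -f "$tmp"
```
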
