Re: Vpn up/down logging
- From: bod43 <Bod43@xxxxxxxxxxxxx>
- Date: Wed, 29 Apr 2009 21:38:24 -0700 (PDT)
On 29 Apr, 21:09, mmark751969 <mmark751...@xxxxxxxxx> wrote:
On Apr 28, 8:00 am, alexd <troffa...@xxxxxxxxxxx> wrote:
maxim.chebane...@xxxxxxxxx wrote:
If you tell how, it will be very nice. I can't find method to monitor
some ipsec tunnels on one router.
Have a look at the thread 'ipsec vpn logging', dated 22nd April.
--
<http://ale.cx/> (AIM:troffasky) (UnSoEsNpE...@xxxxxx)
14:00:14 up 144 days, 15:11, 3 users, load average: 0.08, 0.05, 0.03
My god, said I, with my one liquid eye, am I dreaming, or am I insane?
I am now doing this by setting the 1800 to log to my syslog server at
logging level debugging. I'm then turning on debugging at the router
with deb cry ipsec error. I did this and then cleared out a vpn to
test. I was immediately getting outgoing sa deny errors repeating
frequently. This should be sufficient for me to tell when they go
down. I'll just need to police my syslog log file to see that it
doesn't get to big.
Turning on a debug seems a bit extreme. Debug will also
be lost on reboot.
As regards the log file size there may be automated
tools available (kiwi syslog server?) or you can
schedule a job to roll over to a new file periodically.
These text file will compress really well so you can
keep a few.
This page describes the MIB and there is a link there to
a tool that alows you to find supported images.
It looks as if you might need Advanced IP Services or better.
Post sh ver if you want assistance.
.
- References:
- Vpn up/down logging
- From: mmark751969
- Re: Vpn up/down logging
- From: mmark751969
- Vpn up/down logging
- Prev by Date: Re: Same Network on Two Interfaces
- Next by Date: Re: Up->Down messages related to ip sla icmp-echo when there are no apparent network issues
- Previous by thread: Re: Vpn up/down logging
- Next by thread: Help with 2511 Access Router
- Index(es):
Relevant Pages
|
Loading
