10-01-2024 08:53 AM
hi,
how can I increase number/detailes of crypto syslog messaeges logged? For example I'd like to see when rekeying was done, if there was any errors in ikev2/ipsec negotiations etc.
br
10-01-2024 09:01 AM - edited 10-01-2024 09:18 AM
debug crypto ikev2 error <<- check this instead of run debug real time for all ikev2
MHM
10-01-2024 09:07 AM
I do not have that command ...
#sh crypto ikev2 ?
authorization Author policy
certificate-cache Show certificates in ikev2 certificate-cache
client Show Client Status
cluster Show Cluster load
diagnose Shows ikev2 diagnostic
policy Show policies
profile Shows ikev2 profiles
proposal Show proposals
sa Shows ikev2 SAs
session Shows ikev2 active session
stats Shows ikev2 sa stats
I can see some stats but no per peer
10-01-2024 11:02 AM
what is the device model and what IOS code running on the device.
Depends on log size the router can hold the message, if you looking get more logs - then setup temporary SYSLOG server - (there lot available in the google search) - then enable debug and direct the logs to syslog server and you can monitor.
https://www.cisco.com/c/en/us/td/docs/routers/access/wireless/software/guide/SysMsgLogging.html
10-04-2024 12:53 AM
hi,
asr 1001x 17.6.6a ... I just hoped there is solution without debug.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide