03-06-2012 01:33 PM - edited 03-07-2019 05:23 AM
I'm attempting to debug an ipsec tunnel on an ASA 5510 (8.4(3)), and when I turn on `debug crypto ipsec` and then execute `logging monitor` I get a constant stream of TCP debugging events. Is it possible to only view ipsec messages?
04-11-2012 07:30 PM
Have you tried using the debug crypto condition commands:
```
ciscoasa# debug crypto condition ?
  error      Display debug error messages regardless of filters
  group      Filter on a group name
  peer       Filter on a peer address or subnet
  reset      Clear the crypto debug filters
  spi        Filter on an IPSec SPI
  unmatched  Display messages with insufficient context to match a filter
  user       Filter on a user name
```
04-15-2012 01:05 AM
It seems that you are using VPN, so if you want to check the tunnel you can use show and debug commands, but you should classify the problem. If you have a security issue you can use `show crypto isakmp sa`, which shows isakmp operational data, but if you want to see the detailed isakmp negotiation you can use `debug crypto isakmp`. If the problem is related to the ipsec tunnel you can use `show crypto ipsec sa` or `debug crypto ipsec`, but you can add a debug level at the end of the command. The default is 1; for example, you can use `debug crypto ipsec 7` to debug detailed ipsec negotiations.
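An added example, not part of any post in this thread: one ASA CLI session that combines the peer condition filter and the debug level from the replies, and limits the syslog messages sent to the terminal to the `vpn` event class so TCP connection events are not shown. The peer address `203.0.113.10` and the list name `VPN-ONLY` are constructed placeholders; the `logging list` approach is an assumption about the cause of the TCP noise, not something stated in the thread.

```cisco
! Assumed placeholders: peer 203.0.113.10, logging list name VPN-ONLY
ciscoasa# configure terminal

! Build a logging list that matches only vpn-class (IKE/IPsec) syslog messages
ciscoasa(config)# logging list VPN-ONLY level debugging class vpn

! Send only that list to terminal sessions instead of every debugging-level message
ciscoasa(config)# logging enable
ciscoasa(config)# logging monitor VPN-ONLY
ciscoasa(config)# end

! Show syslog output in this SSH/Telnet session
ciscoasa# terminal monitor

! Limit crypto debugs to one tunnel peer, then confirm the active filter
ciscoasa# debug crypto condition peer 203.0.113.10
ciscoasa# show crypto debug-condition

! Enable the debugs discussed in the thread
ciscoasa# debug crypto isakmp 7
ciscoasa# debug crypto ipsec 7

! Clean up when finished: stop debugs, clear the filter, stop terminal logging
ciscoasa# undebug all
ciscoasa# debug crypto condition reset
ciscoasa# terminal no monitor
ciscoasa# configure terminal
ciscoasa(config)# no logging monitor
ciscoasa(config)# no logging list VPN-ONLY
ciscoasa(config)# end
```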