Scott, If you want debug on a temporary basis for that traffic, you can try 'deb cry isa 2' (or higher than 2, but normally that's enough). Another option is to use logging classes to troubleshoot just the VPN. Here is an example:
logging class vpn monitor debugging Assuming you have nothing else configured for monitor logging, a term mon will show just this traffic. -ryan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Scott Granados Sent: Wednesday, July 29, 2009 2:55 PM To: [email protected] Subject: [c-nsp] ASA5500 logging / diagnostic question. Hi, I have what's probably an obvious question but googling isn't returning an obvious answer. I'm installing a pair of new ASA5500 devices for the purposes of providing VPN connectivity to users running the Cisco VPN Client and also two lan to lan sessions. When I try to connect from a client the client never goes to the authentication stage and after about 10 seconds drops. What are some good logging options to have set for debugging connections (especially in a first time installation) and could someone post a good syslog portion from their ASA that will send appropriate data to a syslog server? Right now I seem to be gathering data on connections that are built or taken down but no warning or error messages. Any pointers would be appreciated. Thanks Scott _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
