Solved

Cisco 2811 - Capture VPN Events

Posted on 2006-11-13
8
203 Views
Last Modified: 2008-02-01
I am looking to implement event monitoring on my Cisco 2811 but I only want to monitor for specific events.

Can anyone let me know what the key event codes are to monitor faults with an IPSEC VPN ?

TIA


Rob
0
Comment
Question by:ccfcfc
  • 3
  • 2
8 Comments
 
LVL 12

Expert Comment

by:pjtemplin
Comment Utility
Homework?

What sort of event monitoring method are you thinking?
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
syslog
http://www.kiwisyslog.com
Turn logging up to "informational" or 6
output all logging to the syslog host
0
 

Author Comment

by:ccfcfc
Comment Utility
I am using a pair of routers within a configuration to provide VPN access only. I would like to select certain specific events that I can then use to generate alerts to support staff. I am aware that with the PIX it could be configured to block specific event codes and I was wondering if I could configure IOS to only report the codes I want to generate alerts for.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
Comment Utility
Unfortunately, on a router you cannot suppress specific message numbers like you can on a PIX. You get all or nothing.
You can set the syslog deamon on your syslog server to use a display filter or you can use a syslog analyzer such as Sawmill to give you a daily report automatically.

0
 

Author Comment

by:ccfcfc
Comment Utility
Ok, that answers my question.

Thanks for the help.


Rob
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
Can you close this question?

Thanks!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now