Name: Cisco 2800 Series
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

Easy VPN Configuration Example

Troubleshoot

OL-6340-01

Troubleshooting Commands

Note

Before issuing debug commands, please see Important Information on Debug Commands.

The following debug commands must be running on both IPSec routers (peers). Security associations

must be cleared on both peers.

•

debug crypto engine—Displays information pertaining to the crypto engine, such as when

Cisco

IOS software is performing encryption or decryption operations.

•

debug crypto ipsec—Displays the IPSec negotiations of phase 2.

•

debug crypto ipsec client ezvpn—Displays the negotiation of the EzVPN client to the VPN

concentrator.

•

debug crypto isakmp—Displays the ISAKMP negotiations of phase 1.

•

clear crypto ipsec client ezvpn—Clears an existing EzVPN connection.

•

clear crypto isakmp—Clears the security associations for phase 1.

•

clear crypto sa—Clears the security associations for phase 2.

The following is an example of output for the debug crypto ipsec client ezvpn command:

EzVPN-Spoke-1# debug crypto ipsec client ezvpn

*May 24 03:04:51.923: EZVPN(VPN1): New State: CONNECT_REQUIRED

!--- The following line shows the connection going down, not part of the debug output.

*May 24 03:04:51.923: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer

10.32.152.26:500 Id: 10.32.152.26

!---Debug output resumes

*May 24 03:04:51.927: EZVPN(VPN1): Current State: CONNECT_REQUIRED

*May 24 03:04:51.927: EZVPN(VPN1): Event: CONNECT

*May 24 03:04:51.927: EZVPN(VPN1): ezvpn_connect_request

*May 24 03:04:51.927: EZVPN(VPN1): New State: READY

*May 24 03:04:51.999: EZVPN(VPN1): Current State: READY

*May 24 03:04:51.999: EZVPN(VPN1): Event: CONN_UP

*May 24 03:04:51.999: EZVPN(VPN1): ezvpn_conn_up 7F890E16 DB923EE3 67C9C0D2 7EE723AC

*May 24 03:04:51.999: EZVPN(VPN1): No state change

*May 24 03:04:52.007: EZVPN(VPN1): Current State: READY

*May 24 03:04:52.007: EZVPN(VPN1): Event: XAUTH_REQUEST

*May 24 03:04:52.007: EZVPN(VPN1): ezvpn_xauth_request

*May 24 03:04:52.007: EZVPN(VPN1): ezvpn_parse_xauth_msg

*May 24 03:04:52.007: EZVPN: Attributes sent in xauth request message:

*May 24 03:04:52.007: XAUTH_USER_NAME_V2(VPN1):

*May 24 03:04:52.007: XAUTH_USER_PASSWORD_V2(VPN1):

*May 24 03:04:52.007: EZVPN(VPN1): send saved username ezvpn-spoke1 and password <omitted>

*May 24 03:04:52.007: EZVPN(VPN1): New State: XAUTH_REQ

*May 24 03:04:52.007: EZVPN(VPN1): Current State: XAUTH_REQ

*May 24 03:04:52.007: EZVPN(VPN1): Event: XAUTH_REQ_INFO_READY

*May 24 03:04:52.007: EZVPN(VPN1): ezvpn_xauth_reply

*May 24 03:04:52.007: XAUTH_USER_NAME_V2(VPN1): ezvpn-spoke1

*May 24 03:04:52.011: XAUTH_USER_PASSWORD_V2(VPN1): <omitted>

*May 24 03:04:52.011: EZVPN(VPN1): New State: XAUTH_REPLIED

*May 24 03:04:52.023: EZVPN(VPN1): Current State: XAUTH_REPLIED

*May 24 03:04:52.023: EZVPN(VPN1): Event: XAUTH_STATUS

*May 24 03:04:52.023: EZVPN(VPN1): New State: READY

Other manuals for Cisco 2800 Series

Quick Start Guide46 pages

Datasheet5 pages

Configuring32 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco 2800 Series and is the answer not in the manual?

Cisco 2800 Series Specifications

General

Power Supply	Internal power supply
Product Type	Router
Form Factor	Rack-mountable
Connectivity Technology	Wired
Power Device	Internal power supply
Operating System	Cisco IOS
Integrated Services	Security, voice
WAN Interfaces	T1/E1, Serial
LAN Interfaces	Fast Ethernet, Gigabit Ethernet
Expansion Slots	4
Data Link Protocol	Ethernet, Fast Ethernet, Gigabit Ethernet
Network/Transport Protocol	IP, TCP
Remote Management Protocol	SNMP, Telnet
Features	VPN support, Quality of Service (QoS), VLAN support
Voltage Required	AC 100-240 V
Security Features	Firewall, VPN, Access Control Lists (ACLs)