Debug L2TP on the ASA???
Besides "debug crypto ikev1" and "debug crypto ipsec" what other debug can one use to debug L2TP over IPsec on the ASA?
I see "debug l2tp" but it looks obsolete and does not seem to be working plus even after runing it, when I run a "show debug" I dont see the "debug l2tp" present.
Also how do the debug levels work on the ASA? It has 1-255 and I remember running "debug ssh 10" and got locked out becuase the screen over flowed with output. What is a safe enough level? Would one always have to increase it gradually by 1 level higher just to see if you get more output?
Comments
Hi,
So, there is no general safe level for a debug on ASA, it really depends on the debug command; for example on VPN's if you want more relevant information from the debug but not too much, the safe level is 128. Most useful debug commands will be "debug l2tp event|packet" for the initial L2TP setup, and usual debug crypto commands for the IPsec tunnel.
Regards,
Cristian.
Thanks Chris