Logging VPN connections

Unanswered Question
May 8th, 2007
User Badges:

Greetings All,


I have a customer who wishes to log all VPN user activity on their ASA5510 so he can look back and see who was using a VPN connection on a particular day.


I can see in the ASDM how you can see real time, who is on but do you know what logging command I need to use to log this activity for reference so that it can be viewed at a later date?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
haroon.shaikh Wed, 05/09/2007 - 12:37
User Badges:

Thanks Jay,


But my issue is that VPN users are already authenticated locally. My only requirement is that I want ASA to send syslogs of the connections made by VPN clients.


i.e. Everytime a VPN client logs in, ASA should send a syslog to syslog server.


Thanks,

laurent.geyer Wed, 05/09/2007 - 12:54
User Badges:

My firewall logs this as %ASA-7-713052.


May 3 09:31:37 xxxfrwxxx %ASA-7-713052: Group = xxx, Username = xxx, IP = aaa.bbb.ccc.ddd, User (xxx) authenticated.


This is just one of many log messages that I see upon authentication.

laurent.geyer Wed, 05/09/2007 - 13:17
User Badges:

Logging is configured pretty verbose.


logging enable

logging timestamp

logging standby

logging console debugging

logging monitor debugging

logging buffered debugging

logging trap debugging

logging history debugging

logging asdm debugging

logging facility 21

logging host inside aaa.bbb.ccc.ddd

logging host inside aaa.bbb.ccc.eee

no logging message 710005

no logging message 710003


Here's the failure message btw.


May 3 17:46:02 xxxfrwxxx %ASA-3-713167: Group = xxx, Username = xxx, IP = aaa.bbb.ccc.ddd, Remote peer has failed user authentication - check configured username and password

Actions

This Discussion