Unanswered Question


I've noticed that you get a %PIX-2-109011 log entry whenever somebody connects to the a pix 515e with the Cisco VPN Client, authenticate sucessfully, and receive a VPN session.

Can anyone confirm that its impossible for someone to connect to the VPN WITHOUT generating such a message?

Can anyone say with 100% certainty that it IS possible (well ... 99.99% will do :)



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ssoberlik Wed, 06/20/2007 - 11:45
User Badges:
  • Bronze, 100 points or more

This is a level 2 debug message and you may need to change syslog of the PIX to a debug level of 1 so as the message will not be generated. The message is normal when a user connects using VPN client.


I assume your using this message to confirm successfull connections. It would be safe to assume with 100% certainty, that all connections would generate a message. Part of the code would be setting the required syslog notification on connection.

If you do not wish to log such messages you can turn down your logging or disable specific messages with the no logging message 109011



This Discussion