Logging VPN clients with Cisco ASA5520

Unanswered Question
Sep 4th, 2007

Is it possible to have a log of VPN clients accessing the ASA5520?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
aghaznavi Mon, 09/10/2007 - 12:53

The VPN Client saves the information to the Client install directory, which by default is the pathname Program Files\Cisco Systems VPN Client\VPN Client\Logs. The default file name includes the word "LOG" and is based on the date and time (in 24-hour format) that the log file was created; for example, LOG-yyyy-MM-dd-hh-mm-ss.txt. This new format complies with the ISO 8601 extended specification for representations of dates and times and avoids issues with localization. The new log file names have a chronological order that is the same as their alphanumeric order. This provides for a method of enumerating only the log files generated by the GUI.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_user_guide_chapter09186a008015ce82.html

Anand Narayana Tue, 09/11/2007 - 01:58

YES,

u can see the log like which user has logged, what time he has logged in, from which ip address he has logged, how long he has been logged in, all it is possbile by having TACACS server.

Tshi M Tue, 09/11/2007 - 05:04

Could you please give more details? I have a TACACS server running, what commands do I need to add to my config to make this possible.

Thanks much,

Tshi M Tue, 09/11/2007 - 06:03

Thanks. However, this link doesn't refer to VPN users. We authenticate our VPN users against our Active Directory. We use TACACS to authenticate users (engineers) to the devices.

mauricej74 Thu, 09/13/2007 - 11:19

You could log your VPN events to a syslog server; thats what I do. So I can go back and see what time and from what IP a user connected, what internal IP they were assigned, and when they disconnected.

Tshi M Thu, 09/13/2007 - 11:23

what level of logging will allow me to gather that information? Thanks

Actions

This Discussion