cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1239
Views
0
Helpful
7
Replies

Logging VPN clients with Cisco ASA5520

Tshi M
Level 5
Level 5

Is it possible to have a log of VPN clients accessing the ASA5520?

7 Replies 7

aghaznavi
Level 5
Level 5

The VPN Client saves the information to the Client install directory, which by default is the pathname Program Files\Cisco Systems VPN Client\VPN Client\Logs. The default file name includes the word "LOG" and is based on the date and time (in 24-hour format) that the log file was created; for example, LOG-yyyy-MM-dd-hh-mm-ss.txt. This new format complies with the ISO 8601 extended specification for representations of dates and times and avoids issues with localization. The new log file names have a chronological order that is the same as their alphanumeric order. This provides for a method of enumerating only the log files generated by the GUI.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_user_guide_chapter09186a008015ce82.html

YES,

u can see the log like which user has logged, what time he has logged in, from which ip address he has logged, how long he has been logged in, all it is possbile by having TACACS server.

Could you please give more details? I have a TACACS server running, what commands do I need to add to my config to make this possible.

Thanks much,

Thanks. However, this link doesn't refer to VPN users. We authenticate our VPN users against our Active Directory. We use TACACS to authenticate users (engineers) to the devices.

You could log your VPN events to a syslog server; thats what I do. So I can go back and see what time and from what IP a user connected, what internal IP they were assigned, and when they disconnected.

what level of logging will allow me to gather that information? Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: