JORGE RODRIGUEZ Wed, 07/02/2008 - 22:36

Best is to setup a syslog server to capture logs or set up FTP server for same purpose, if you want specific log ID such as vpn clients connections, you may filter by using the Event List feature under firewall managemet logging section, configure Event class to filter on specific messages events such as vpn Ike IPsec connections webvpn etc..

working with messages loggings - see logging host for syslog server setup or logging ftp-server

Event list logging filtering - logging in general



leo_zidane Thu, 07/03/2008 - 17:59

My ASA firewall logging setup is by syslog ID. Do you know what is the syslog ID associated with VPN so that I can enable it?

JORGE RODRIGUEZ Fri, 07/04/2008 - 19:48

Look in messages ID ranges from 701001 to 732003 , like the 731052, 713056, 713060, 713061, there could be more , what I would suggest is to have a user connect via vpn and look at the asdm log when the user connects, take look at realtime asdm log and take notes of the syslog ID# on the syslog id colum,you may also ask the user to to purposely fail user password when connecting so that you can capture syslog id number for references.

System log messages

Syslog messages by code



PLS rate any helpful posts


This Discussion