Log access/connections to SSL VPN - Cisco ASA 5520

whiteford · ‎08-04-2008

Hi,

I am trying to log SSL VPN access on my Cisco ASA 5520. I can only seem to log via the ASDM or my syslog server when a session ends and not when they connect. I get the Syslog ID of 113018 when they disconnect.

e.g:

113019

Error Message %PIX|ASA-4-113019: Group = group, Username = username, IP = peer_address,

Session disconnected. Session Type: type, Duration: duration, Bytes xmt:

count, Bytes rcv: count, Reason: reason

All logs: http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4769539

Must be a way to show when someone logs on successfully?

Thanks

dhananjoy chowdhury · ‎08-04-2008

Check this :

Message %PIX|ASA-6-113012: AAA user authentication Successful: local database:

user = user

Explanation : The user associated with a IPSec or WebVPN connection has been successfully authenticated to the local user database. user is the username associated with the connection.

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4769539

JORGE RODRIGUEZ · ‎08-04-2008

I think Andy is looking for logging information of successfull webvpn users connections and disconnections.

try setting the loggin level as severity level 6

Jorge Rodriguez

JORGE RODRIGUEZ · ‎08-05-2008

Andy, just following up, are you all set with your query?

Rgds

Jorge

Jorge Rodriguez