Monitor username for VPN connections through ASA 5510

Unanswered Question
Nov 7th, 2008
User Badges:

We want to track username, login and logout times for VPN connections through ASA 5510. Is there a way to receive an email notification for those or get that information from a SYSLOG server?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
guibarati Tue, 11/11/2008 - 11:27
User Badges:
  • Bronze, 100 points or more

Yes, its already logged in ASDM realtime log.


What you have to do is:


-Open ASDM realtime log

-Connect a vpn

-Look and record the number of the event that appears on "Syslog ID" Column. (There is one for VPN Phase 2 complete(connection) and one for the disconnection)

-If you want it to be sent by email go to:


ASDM---> Logging ---> SMTP

Put here the address of your SMTP server (it should allow relay from ASA)



ASDM---> Logging ---> E-mail Setup

Put the informations (email source and destinations)



ASDM---> Logging ---> Logging filter

Create a filter that send to the email only the events with the Two syslog ID you have seen in the realtime log.



Rate if helpfull

Actions

This Discussion