Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
464
Views
4
Helpful
4
Replies

Monitoring IPSec Remote Access Users

Go to solution
nagabhushana.k
Level 1
Level 1

‎11-19-2008 03:26 AM - edited ‎03-11-2019 07:15 AM

Hi all,

please can any one help me to know about monitoring Remote access users using ASDM. As I have observed in ASDM, it is possible to monitor users currently logged in, but what I want to monitor is users who were logged in since the firewall started (for example, 30 days)..

Thank you,

Nagabhushan

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
srue
Level 7
Level 7

‎11-19-2008 07:50 AM

you really need to use your logs for that.

View solution in original post

0 Helpful

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10
In response to srue

‎11-19-2008 10:11 AM

Nagabhushan, I do agree with Steven , you would need to use/implement logging.

it is possible to monitor users currently logged in

Yes you can

in ASDM goto

Home/Configuration/Monitor/VPN/Session

but what I want to monitor is users who were logged in since the firewall started (for example, 30 days)..

Since you don't have any permanent logging setup to send logs to a syslog server for that amount of time you have already lost that information from 30 days ago, you need to implement syslog .

Go over this link for monitoring, you can also filter syslog messages based on log ID number or logging severity levels

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/monitor.html

Jorge Rodriguez

View solution in original post

0 Helpful
4 Replies 4

Go to solution
srue
Level 7
Level 7

‎11-19-2008 07:50 AM

you really need to use your logs for that.

0 Helpful

Go to solution
JORGE RODRIGUEZ
Level 10
Level 10
In response to srue

‎11-19-2008 10:11 AM

Nagabhushan, I do agree with Steven , you would need to use/implement logging.

it is possible to monitor users currently logged in

Yes you can

in ASDM goto

Home/Configuration/Monitor/VPN/Session

but what I want to monitor is users who were logged in since the firewall started (for example, 30 days)..

Since you don't have any permanent logging setup to send logs to a syslog server for that amount of time you have already lost that information from 30 days ago, you need to implement syslog .

Go over this link for monitoring, you can also filter syslog messages based on log ID number or logging severity levels

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/monitor.html

Jorge Rodriguez
0 Helpful

Go to solution
cpembleton
Level 4
Level 4
In response to JORGE RODRIGUEZ

‎11-19-2008 04:44 PM

Syslog is the way to go. Just wanted to add something that will help on make syslog useful.

http://www.splunk.com

I use it for everything at home and work. There are free and enterprise versions.

Chad

Go to solution
nagabhushana.k
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎11-19-2008 08:17 PM

Thank you very much for your suggestion..

Nagabhushan

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card