I have gotten downloadable ACLs for VPN clients to work just fine with my Cisco ACS server and ASA 8.0(x) code. The problem is logging the information. I want to log certain things over the VPN connection. For example, if a user tries to access a certain IP, I want to block it and log it. The blocking works fine, but no matter what I set the logging level to, I never see the blocked traffic in the server logs. Can anyone point to some documentation or "gotchas" that might help? Thanks!