ASA - Reports on SSL VPN Login Usage

andre · ‎02-26-2009

Hi there

we're currently developing an environment, where we setup a lot of different user accounts for our customers on the asa. Behind these user accounts are profiles which allow customers to access certain restricted areas in our lab in order to show / test solutions.

I'm currently looking for a way to monitor / generate reports on the usage of these accounts.

Is there anything I can use without spending a fortune on MARS? I thought about syslog and some perl parsers, but unfortunately this is not an option right now because of missing perl knowledge.

Anyone using tools to better monitor the asa?

Thanks a lot in advance

Andre

smalkeric · ‎03-04-2009

The security appliance provides support for network monitoring using SNMP V1 and V2c. The security appliance supports traps and SNMP read access, but does not support SNMP write access.

You can configure the security appliance to send traps (event notifications) to a network management station (NMS), or you can use the NMS to browse the MIBs on the security appliance. MIBs are a collection of definitions, and the security appliance maintains a database of values for each definition. Browsing a MIB entails issuing an SNMP get request from the NMS. Use CiscoWorks for Windows or any other SNMP V1, MIB-II compliant browser to receive SNMP traps and browse a MIB.