Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
385
Views
5
Helpful
4
Replies

Log RA VPN activity on ASA5510

wilson_1234_2
Level 3
Level 3

‎06-17-2009 07:31 AM

Can I log the RA VPN activity from Cisco VPN clients?

I am authenticating the users via TACACS, but would like to log the activity like what you could do with a 3005 concentrator.

Can this be done?

Labels:
0 Helpful
4 Replies 4

mchin345
Level 6
Level 6

‎06-23-2009 06:35 AM

I hope you can save it locally or through VPN access.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to mchin345

‎06-28-2009 04:02 PM

Richard

Perhaps there is some aspect of your question that I am not understanding. But in my experience the log messages on the ASA5500 show show Remote Access VPN session creation in a way that is similar to what is logged from the 3000 series concentrators.

HTH

Rick

HTH

Rick

wilson_1234_2
Level 3
Level 3
In response to Richard Burts

‎06-29-2009 11:52 AM

Thanks Rick,

Maybe the 5510 is not configured as it should be to do what I am asking.

I can see the RA VPN when looking in the ASDM.

Also, there is an option for accounting in the ASA for the ra tunnel group.

Would this allow me to log RA activity to the TACACS server?

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to wilson_1234_2

‎07-02-2009 06:32 AM

Richard

I have not used and have not really looked very much at the accounting option on the ASA so can not speak to this directly. But assuming that the accounting on the ASA is implemented similar to the way it is in IOS I would think that it should be possible to send accounting records to the TACACS server to show VPN activity.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents