06-17-2009 07:31 AM
Can I log the RA VPN activity from Cisco VPN clients?
I am authenticating the users via TACACS, but would like to log the activity like what you could do with a 3005 concentrator.
Can this be done?
06-23-2009 06:35 AM
I hope you can save it locally or through VPN access.
06-28-2009 04:02 PM
Richard
Perhaps there is some aspect of your question that I am not understanding. But in my experience the log messages on the ASA5500 show show Remote Access VPN session creation in a way that is similar to what is logged from the 3000 series concentrators.
HTH
Rick
06-29-2009 11:52 AM
Thanks Rick,
Maybe the 5510 is not configured as it should be to do what I am asking.
I can see the RA VPN when looking in the ASDM.
Also, there is an option for accounting in the ASA for the ra tunnel group.
Would this allow me to log RA activity to the TACACS server?
07-02-2009 06:32 AM
Richard
I have not used and have not really looked very much at the accounting option on the ASA so can not speak to this directly. But assuming that the accounting on the ASA is implemented similar to the way it is in IOS I would think that it should be possible to send accounting records to the TACACS server to show VPN activity.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide