ASA VPN Accouting

Unanswered Question
Jul 31st, 2009

I am using ASA 5510 to authenticate IPSec remote access clients. I would like to log all the login attempts to a syslog server. Is this possible?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Collin Clark Sat, 08/01/2009 - 11:55

Yes you can. You will need to enable logging to the syslog server at a minimum of level 5 (notifications).

logging enable

logging host inside [syslog server ip]

logging trap 5

Hope that helps.

Hitesh Vinzoda Sun, 08/09/2009 - 04:10

You can also integrate ACS with ASA (if you have one). Create the Username on ACS and make ASA to authenticate users on ACS.

Guillermo Soto ... Thu, 12/16/2010 - 16:39

Hi Hitesh,

     I am doing Authentication to VPN Clients on ASA (8.2(1)) to a CS ACS 5.0, but I have not been able to to the Authorization and Accounting, do you have an idea on how doing this or any URL I can reference?.  Basicly we want that when a user is logged in via VPN Client, we can also "see" waht the user is doing, which resources it is accesssing, etc

Thanks and Best Regards,



This Discussion