LAN to LAN Tunnel - Need Accounting of who accesses and when

Jul 31st, 2009

Is there any way to provide accounting information about what user or what source / destination IP traverses an L2L tunnel?


Essentially I'm trying to provide information about when our tunnels are enabled and when they are disabled and who accesses what across the tunnels.


Can this be done natively on an ASA running version 8.x?

JORGE RODRIGUEZ Sat, 08/01/2009 - 08:40

There are several tools out there that can collect that information for either RA VPN, L2L VPN or just regular traffic.


I personally use Firewall Analyzer from ManageEngine; it provides granular information on any traffic traversing the firewall.

http://www.manageengine.com/products/firewall/index.html


You can look at Cisco Security Manager: http://www.cisco.com/en/US/products/ps6498/index.html


Also, the NetFlow feature was just introduced in the latest 8.2.1 code release. This feature is part of the code, so it is free; you can try this. There are also freeware NetFlow collectors out there to set it up. http://www.cisco.com/en/US/docs/security/asa/asa82/netflow/netflow.html



Freeware NetFlow collectors:

http://www.cisco.com/en/US/prod/iosswrel/ps6537/ps6555/ps6601/networking_solutions_products_genericcontent0900aecd805ff72b.html


Regards
