LAN to LAN Tunnel - Need Accounting of who accesses and when

Unanswered Question
Jul 31st, 2009

Is there any way to provide accounting information about what user or what source / destination IP traverses an L2L tunnel?

Essentially I'm trying to provide information about when our tunnels are enabled and when they are disabled and who accesses what across the tunnels.

Can this be done natively on an ASA running version 8.x?

JORGE RODRIGUEZ Sat, 08/01/2009 - 08:40

There are several tools out there that can collect that information for either RA VPN, L2L VPN or just regular traffic.

I personally use Firewall Analyzer from ManageEngine; it provides granular information on any traffic traversing the firewall.

http://www.manageengine.com/products/firewall/index.html

You can look at Cisco Security Manager: http://www.cisco.com/en/US/products/ps6498/index.html

Also, the NetFlow feature was just introduced in the latest 8.2.1 code release. This feature is part of the code, so it is free. You can try this; there are also freeware NetFlow collectors out there to set it up. http://www.cisco.com/en/US/docs/security/asa/asa82/netflow/netflow.html

Freeware NetFlow collectors:

http://www.cisco.com/en/US/prod/iosswrel/ps6537/ps6555/ps6601/networking_solutions_products_genericcontent0900aecd805ff72b.html

Regards
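The NetFlow option mentioned in the reply above, sketched as an ASA 8.2 configuration that exports flow create/teardown/deny events only for traffic matching one L2L tunnel's protected networks. This is an added example, not part of the original posts; the interface name `inside`, the collector address 192.0.2.50 and port 2055, the subnets, and the ACL and class-map names are all assumptions to replace with your own values.

```cisco
! Added example: all names and addresses below are constructed placeholders.

! Collector reachable through the "inside" interface, listening on UDP 2055
flow-export destination inside 192.0.2.50 2055

! Match the same networks the L2L crypto ACL protects, in both directions,
! so exported records cover only traffic that crosses the tunnel
access-list L2L_FLOW_ACL extended permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.0.0
access-list L2L_FLOW_ACL extended permit ip 10.2.0.0 255.255.0.0 10.1.0.0 255.255.0.0

class-map L2L_FLOW_CLASS
 match access-list L2L_FLOW_ACL

! Export every flow event type (created, torn down, denied) for that class
policy-map global_policy
 class L2L_FLOW_CLASS
  flow-export event-type all destination 192.0.2.50

! Verify that records are being sent
show flow-export counters
```

The exported records give source and destination addresses with flow start and end times, which answers who accessed what across the tunnel. They do not report the tunnel itself coming up or going down.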
