ASA 5520 VPN Repoting using RADIUS

Unanswered Question
Aug 14th, 2009
User Badges:

I currently have an ASA 5520 that we use with a RADIUS server for VPN access. I was told that there is a way to configure the ASA so we can pull reports on VPN usage by the users that are in the RADIUS server. I have searched and searched and I cannot find anything that deals with pulling a report from the ASA on who is logged in and for how long. Is this even possible?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smalkeric Thu, 08/20/2009 - 07:45
User Badges:
  • Silver, 250 points or more

You can have report on VPN usage by configuring accounting feature in your ASA. Accounting tracks traffic that passes through the security appliance, enabling you to have a record of user activity. If you enable authentication for that traffic, you can account for traffic per user. If you do not authenticate the traffic, you can account for traffic per IP address. Accounting information includes when sessions start and stop, username, the number of bytes that pass through the security appliance for the session, the service used, and the duration of each session.

For configuring the accounting in ASA refer the below URL:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/access_fwaaa.html#wp1043741

Actions

This Discussion