×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Firewall syslog

Unanswered Question
Mar 5th, 2010
User Badges:

HI,


we are using PIx 515E as our firewall in our network


In Firewall we configured remote VPN access for users to access from home


now we are planning to moniotor who is authenticated on remote VPN through the syslog server


which faclilty level will give the information of authenticting remote user details


thanks inadvance

vinu

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
francisco_1 Fri, 03/05/2010 - 04:48
User Badges:
  • Gold, 750 points or more

Vinu,


The severity level depends on the output log message.




Error Message    %ASA-6-716039: Authentication: rejected, group = name user = user, 
Session Type: WebVPN

Explanation   Before a WebVPN session starts, the user must be authenticated successfully by a local or remote server (for example, RADIUS or TACACS+). In this case, the user credentials (user name and password) either did not match or the user does not have permission to start a WebVPN session.

Recommended Action   Verify the user credentials on the local or remote server. Verify that WebVPN is configured for the user.


The above is severity 6 and log message number including username affected.



This urls will provide all the info you need


http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501     (searcg for vpn will provide you all logs and severity for vpn)


Also http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html

Actions

This Discussion