03-05-2010 03:24 AM - edited 03-11-2019 10:17 AM
HI,
we are using PIx 515E as our firewall in our network
In Firewall we configured remote VPN access for users to access from home
now we are planning to moniotor who is authenticated on remote VPN through the syslog server
which faclilty level will give the information of authenticting remote user details
thanks inadvance
vinu
03-05-2010 04:38 AM
Refer this link:
http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp5602670
109006
113005
113015
113016
113017
-KS
03-05-2010 04:48 AM
Vinu,
The severity level depends on the output log message.
Error Message %ASA-6-716039: Authentication: rejected, group = name user = user, Session Type: WebVPN
Explanation Before a WebVPN session starts, the user must be authenticated successfully by a local or remote server (for example, RADIUS or TACACS+). In this case, the user credentials (user name and password) either did not match or the user does not have permission to start a WebVPN session.
Recommended Action Verify the user credentials on the local or remote server. Verify that WebVPN is configured for the user.
The above is severity 6 and log message number including username affected.
This urls will provide all the info you need
http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501 (searcg for vpn will provide you all logs and severity for vpn)
Also http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide