cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
889
Views
0
Helpful
2
Replies

Firewall syslog

vinoth.kumar
Level 1
Level 1

HI,

we are using PIx 515E as our firewall in our network

In Firewall we configured remote VPN access for users to access from home

now we are planning to moniotor who is authenticated on remote VPN through the syslog server

which faclilty level will give the information of authenticting remote user details

thanks inadvance

vinu

2 Replies 2

Kureli Sankar
Cisco Employee
Cisco Employee

francisco_1
Level 7
Level 7

Vinu,

The severity level depends on the output log message.

Error Message    %ASA-6-716039: Authentication: rejected, group = name user = user, 
Session Type: WebVPN

Explanation   Before a WebVPN session starts, the user must be authenticated successfully by a local or remote server (for example, RADIUS or TACACS+). In this case, the user credentials (user name and password) either did not match or the user does not have permission to start a WebVPN session.

Recommended Action   Verify the user credentials on the local or remote server. Verify that WebVPN is configured for the user.

The above is severity 6 and log message number including username affected.

This urls will provide all the info you need

http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501     (searcg for vpn will provide you all logs and severity for vpn)

Also http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: