How can enable log on ASA 5510 for VPN client access?

Unanswered Question
Jan 26th, 2011

Dear All,

i have ASA 5510 and i was configur VPN client already but i want to see log when my client connect VPN client ?

How can i know information when they connect? i just to know that we can enable log on ASA but when we enable log all information come but i want to know on client access into ASA?

Best Regards,

Rechard

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
coto.fusionet Wed, 01/26/2011 - 20:10

Rechard,

Browsing the community I found this:

You can send all the syslog messages for remote vpn client only to your syslog server as follows:

logging list vpn-log level debugging class vpnc
logging trap vpn-log

OR/ alternatively, if you know exactly which syslog messages you are after, you can configure it this way:

logging list vpn-list message 611101

logging trap vpn-list

The vpn client syslog is within the 611xxx range, and here is the syslog for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4774570

Hope that helps.

Federico.

rechard_hk Wed, 01/26/2011 - 20:44

Dear Federico.

you mean that when i apply command as below, so i can see my user connect to ASA right?

logging list vpn-log level debugging class vpnc
logging trap vpn-log

Best Regards,

Rechard

coto.fusionet Thu, 01/27/2011 - 08:47

Well, that example show enabling the logs to be sent to a syslog server.

You can check your logs on a syslog server (recommended), or in the buffer on the ASA itself for example.

Either way, the idea is to enable only the logs particularly to the VPN clients which are in the range mentioned.

Here are two examples:


611307

Error Message    %PIX|ASA-6-611307: VPNClient: Head end : IP_address
Explanation    The VPN client is connected to the specified headend.

611309

Error Message    %PIX|ASA-6-611309: VPNClient: Disconnecting from head end and
uninstalling previously downloaded policy: Head End: IP_address

Explanation    A VPN client is disconnecting and uninstalling a previously installed policy.

Federico.

Actions

Login or Register to take actions

This Discussion

Posted January 26, 2011 at 8:05 PM
Stats:
Replies:3 Avg. Rating:
Views:2377 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard