cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5849
Views
0
Helpful
3
Replies

How can enable log on ASA 5510 for VPN client access?

rechard_hk
Level 1
Level 1

Dear All,

i have ASA 5510 and i was configur VPN client already but i want to see log when my client connect VPN client ?

How can i know information when they connect? i just to know that we can enable log on ASA but when we enable log all information come but i want to know on client access into ASA?

Best Regards,

Rechard

3 Replies 3

Rechard,

Browsing the community I found this:

You can send all the syslog messages for remote vpn client only to your syslog server as follows:

logging list vpn-log level debugging class vpnc
logging trap vpn-log

OR/ alternatively, if you know exactly which syslog messages you are after, you can configure it this way:

logging list vpn-list message 611101

logging trap vpn-list

The vpn client syslog is within the 611xxx range, and here is the syslog for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp4774570

Hope that helps.

Federico.

Dear Federico.

you mean that when i apply command as below, so i can see my user connect to ASA right?

logging list vpn-log level debugging class vpnc
logging trap vpn-log

Best Regards,

Rechard

Well, that example show enabling the logs to be sent to a syslog server.

You can check your logs on a syslog server (recommended), or in the buffer on the ASA itself for example.

Either way, the idea is to enable only the logs particularly to the VPN clients which are in the range mentioned.

Here are two examples:


611307

Error Message    %PIX|ASA-6-611307: VPNClient: Head end : IP_address
Explanation    The VPN client is connected to the specified headend.

611309

Error Message    %PIX|ASA-6-611309: VPNClient: Disconnecting from head end and
uninstalling previously downloaded policy: Head End: IP_address

Explanation    A VPN client is disconnecting and uninstalling a previously installed policy.

Federico.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: