I have a couple of questions regarding remote access VPN and logging VPN traffic. Can someone please advise how I can capture decrypted traffic for a remote access VPN client on the firewall? Right now the firewall has an any source, any dest, any service access list associated with the tunnel group (not an interface access list, but the default group policy one). I don't know what kind of traffic is coming from the remote VPN machine, and I want to capture it and create a more specific ACL and associate that with the tunnel group via VPN filter so no any's are allowed.
I also have load balancing configured for VPN, and I know that if I add a VPN filter via group policy and add it to the default group it can cause downtime, but since I have VPN load balancing configured it shouldn't affect the remote client. Am I right?