Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Firewall syslog

HI,

we are using PIx 515E as our firewall in our network

In Firewall we configured remote VPN access for users to access from home

now we are planning to moniotor who is authenticated on remote VPN through the syslog server

which faclilty level will give the information of authenticting remote user details

thanks inadvance

vinu

2 REPLIES
Cisco Employee

Re: Firewall syslog

Re: Firewall syslog

Vinu,

The severity level depends on the output log message.

Error Message    %ASA-6-716039: Authentication: rejected, group = name user = user, 
Session Type: WebVPN

Explanation   Before a WebVPN session starts, the user must be authenticated successfully by a local or remote server (for example, RADIUS or TACACS+). In this case, the user credentials (user name and password) either did not match or the user does not have permission to start a WebVPN session.

Recommended Action   Verify the user credentials on the local or remote server. Verify that WebVPN is configured for the user.

The above is severity 6 and log message number including username affected.

This urls will provide all the info you need

http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501     (searcg for vpn will provide you all logs and severity for vpn)

Also http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html

468
Views
0
Helpful
2
Replies
CreatePlease to create content