Cisco Support Community

New Member

VPN Logs

Hey,

I configured a VPN on an ASA 5510 and I want to check all the logs, with time and date, of the people who are connected through VPN.

Navaz
Cisco Employee

VPN Logs

RADIUS accounting for VPN is the best way to achieve those.

New Member

VPN Logs

Can you send me the configuration?

Navaz
VIP Green

Re: VPN Logs

This can be done using both RADIUS and TACACS+.  The link below has a configuration example.  Keep in mind that this requires an access control server (ACS) server.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b04552.shtml

If you don't have a RADIUS or TACACS+ server, then you can send these logs to a syslog server using the logging list command:

hostname(config)# logging enable
hostname(config)# logging timestamp
hostname(config)# logging list <list_name> level debugging class vpn
hostname(config)# logging trap <list_name>
hostname(config)# logging host inside <syslog_server_ip>

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml#capturevpn

Please rate all helpful posts.

-- Please remember to rate and select a correct answer
New Member

VPN Logs

Listen,

I have a 5510 ASA and the VPN is configured on it. I want the daily logs of those connected to the ASA through VPN.

Thanks and regards

Navaz
VIP Green

VPN Logs

As far as I know, a summarization of the connected users to be sent to a syslog server or TACACS+ or RADIUS server cannot be done.

--

Please rate all helpful posts.

-- Please remember to rate and select a correct answer
New Member

VPN Logs

Here is my ASA configuration:

ASA(config)# sh running-config
: Saved
:
ASA Version 8.0(2)
!
hostname ASA
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/5
 shutdown
 no nameif
 no security-level
 no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list 101 extended permit ip any any
pager lines 24
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 10.1.1.30
nat (inside) 1 192.168.1.0 255.255.255.0
static (outside,inside) 10.1.1.30 10.1.1.2 netmask 255.255.255.255
access-group 101 in interface outside
access-group 101 in interface inside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
!
prompt hostname context
Cryptochecksum:a910fcee5200493f2ed21db7bd2f82d6
: end
ASA(config)#

and the diagram

Navaz
VIP Green

VPN Logs

Have you removed some of the configuration? There are no logging configurations.

I have provided the configurations for sending syslog messages to a syslog server in one of the above posts.

But as I mentioned, having a summarization of the leased IPs cannot be done. You can, however, view this by using the commands:

show dhcpd bindings

show dhcpd statistics

-- Please remember to rate and select a correct answer
Silver

VPN Logs

config terminal 
logging enable 
logging timestamp 
logging class auth console debugging 
logging class webvpn console debugging 
logging class ssl console debugging
logging class svc console debugging
logging class vpnc console debugging

For WebVPN

For remote access activity, class webvpn is what you want. Specifically, message 716001 is for logon events, and 716002 is for logoff events.

Value our effort and rate the assistance!
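Added example (not part of the original thread and not any poster's or Cisco's code): once the 716001 and 716002 messages are collected with timestamps, they can be paired into per-user sessions and a per-day list of who connected. The sample log lines are constructed, the line layout (timestamp prefix, optional angle brackets around values) is an assumption about how the messages are stored, and vpn_sessions and daily_report are hypothetical names.

```python
import re
from datetime import datetime
# Constructed sample lines (not from the thread); format assumes "logging timestamp" is on.
SAMPLE_LOG = """\
Jan 15 2013 09:12:01: %ASA-6-716001: Group <DfltGrpPolicy> User <alice> IP <203.0.113.10> WebVPN session started.
Jan 15 2013 09:40:17: %ASA-6-716001: Group <DfltGrpPolicy> User <bob> IP <198.51.100.7> WebVPN session started.
Jan 15 2013 09:41:00: %ASA-6-302013: Built inbound TCP connection 1 for outside:203.0.113.10/5000
Jan 15 2013 11:02:45: %ASA-6-716002: Group <DfltGrpPolicy> User <alice> IP <203.0.113.10> WebVPN session terminated: User Requested.
Jan 16 2013 08:00:30: %ASA-6-716002: Group <DfltGrpPolicy> User <carol> IP <192.0.2.44> WebVPN session terminated: Idle Timeout.
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{4} \d{2}:\d{2}:\d{2}).*?%ASA-\d-(?P<id>71600[12]): "
    r"Group <?(?P<group>[^>\s]+)>? User <?(?P<user>[^>\s]+)>? IP <?(?P<ip>[^>\s]+)>? "
    r"WebVPN session (?:started|terminated: (?P<reason>.*?))\.?$")

def vpn_sessions(log_text):
    """Pair 716001 (logon) with 716002 (logoff) per (user, ip)."""
    open_by_key, sessions = {}, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a WebVPN logon/logoff message
        when = datetime.strptime(m["ts"], "%b %d %Y %H:%M:%S")
        key = (m["user"], m["ip"])
        # A logoff closes the open session for this user/IP, if one was seen.
        rec = open_by_key.pop(key, None) if m["id"] == "716002" else None
        if rec is None:  # new logon, or logoff whose logon is not in this log
            rec = {"user": m["user"], "ip": m["ip"], "group": m["group"],
                   "start": None, "end": None, "reason": None}
            sessions.append(rec)
        if m["id"] == "716001":
            rec["start"] = when
            open_by_key[key] = rec
        else:
            rec["end"], rec["reason"] = when, m["reason"]
    return sessions

def daily_report(sessions):
    """Map each date to the sorted users who logged on or off that day."""
    days = {}
    for s in sessions:
        for t in (s["start"], s["end"]):
            if t is not None:
                days.setdefault(t.date().isoformat(), set()).add(s["user"])
    return {day: sorted(users) for day, users in sorted(days.items())}

if __name__ == "__main__":
    print(daily_report(vpn_sessions(SAMPLE_LOG)))
```

A session with no end is still open or its logoff is missing from the log; a session with no start means the logon happened before the log begins.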
New Member

VPN Logs

I can't understand. I want to configure it through ASDM.

Navaz
VIP Green

VPN Logs

Here is a guide on how to configure it in the ASDM, but in step 3 choose Flash instead of the FTP option.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b83d04.shtml#basicsyslog

--

Please rate all helpful posts

-- Please remember to rate and select a correct answer