Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Bronze

Logging VPN clients with Cisco ASA5520

Is it possible to have a log of VPN clients accessing the ASA5520?

7 REPLIES
Silver

Re: Logging VPN clients with Cisco ASA5520

The VPN Client saves the information to the Client install directory, which by default is the pathname Program Files\Cisco Systems VPN Client\VPN Client\Logs. The default file name includes the word "LOG" and is based on the date and time (in 24-hour format) that the log file was created; for example, LOG-yyyy-MM-dd-hh-mm-ss.txt. This new format complies with the ISO 8601 extended specification for representations of dates and times and avoids issues with localization. The new log file names have a chronological order that is the same as their alphanumeric order. This provides for a method of enumerating only the log files generated by the GUI.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_user_guide_chapter09186a008015ce82.html

Re: Logging VPN clients with Cisco ASA5520

YES,

u can see the log like which user has logged, what time he has logged in, from which ip address he has logged, how long he has been logged in, all it is possbile by having TACACS server.

Bronze

Re: Logging VPN clients with Cisco ASA5520

Could you please give more details? I have a TACACS server running, what commands do I need to add to my config to make this possible.

Thanks much,

Re: Logging VPN clients with Cisco ASA5520

Bronze

Re: Logging VPN clients with Cisco ASA5520

Thanks. However, this link doesn't refer to VPN users. We authenticate our VPN users against our Active Directory. We use TACACS to authenticate users (engineers) to the devices.

New Member

Re: Logging VPN clients with Cisco ASA5520

You could log your VPN events to a syslog server; thats what I do. So I can go back and see what time and from what IP a user connected, what internal IP they were assigned, and when they disconnected.

Bronze

Re: Logging VPN clients with Cisco ASA5520

what level of logging will allow me to gather that information? Thanks

798
Views
0
Helpful
7
Replies