Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
883
Views
0
Helpful
2
Replies

User Logging on ASA 5505

Robert62989
Level 1
Level 1

‎06-22-2008 01:47 PM - edited ‎02-21-2020 02:53 AM

I am almost embarrased to ask this but a search of the device and the help files does not answer a simple question: How do you log user activity over the VPN? I can find nothing that describes how to turn this type of logging on or if it is on by default where the information would be?

Thanks for any assistance.

0 Helpful
2 Replies 2

JORGE RODRIGUEZ
Level 10
Level 10

‎06-22-2008 03:32 PM

Im not sure if your question entails syslog realtime activity or RA sessions but I'll try coverying both, if you are using ASDM you can see statistics on RA vpn users under monitoring.

On top menu ASDM go to Monitoring/VPN/Vpn Statistics/Sessions

or cli

show vpn-sessiondb remote <- For RA sessions

you may also issue

show vpn-sessiondb remote ? for other obtions like webvpn etc..

Above will provide you with RA current connections but not activity

The actual activity should be sees in ASDM realtime syslog messages under HOME/latest ASDM syslog messages - this is internal ASDM buffer .

Now if you want to be real pickie about loggin vpn sessions activity you can configure syslog server apply loggin filters by event class, I have not personally use but it can be done, but generally most use real time log or configure syslog server to capture all activity from ASDM realtime activity.

See syslog configuation for details

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml

Rgds

Jorge

Jorge Rodriguez
0 Helpful

Robmancaneast
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎06-22-2008 04:49 PM

Jorge:

Thanks very much for your reply! I have found the menu selections that you referenced and agree that they will show me what is currently happening. What I would like to do is to log the date/time/user/online time etc so that I can review it at any time.

Considering all the other things that this appliance does I am surprised that I can't find how to do this one!

Appreciate you taking the time to respond!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card