Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

VPN Connections

I have been given the task of finding out when employees log on and off our VPN which terminates into a ASA5510. Is there some type of report or syslog level I need to enable?

7 REPLIES

Re: VPN Connections

You can configure the ASA to send syslogs, that indicate which users logon and which time from which IP address.

A good feature packed syslog server is "syslog-ng" which runs on Linux. If you want windows - then KiwiSyslog is good, plenty of features, but if you just want logging & search capabilites without buying it , it's ideal.

HTH>

New Member

Re: VPN Connections

Thanks for the quick reply, I will be using Kiwi syslog. Can you tell me how I can configure my ASA to log just log on's and log off's to a specific syslog? I know the ASA can be very chaty.

Re: VPN Connections

login username information can be found in:-

"debug" level, messages

7-715047,7-715075,7-715036,7-715046

TCP/UDP connection information per user can be found in:-

"info" level, messages

6-302013, 6-302014

Sadly both debug, and info levels do send high amount of traffic, but if you have bought KiwiSyslog - you can filter and save disk space!

HTH>

Re: VPN Connections

Sorry wrong info there - you can create a filter in the ASA to only send the specific logs you want....I was thinking about PIX!

New Member

Re: VPN Connections

So which filter would I create if I only wanted login's and Out's? Or how do I create that filter?

Re: VPN Connections

Never actually done it before, but looking at the command line something like:-

logging list test-log-filter message 715046

logging list test-log-filter message 715047

logging list test-log-filter message 715075

logging list test-log-filter message 715036

logging list test-log-filter level Debugging class auth

I think you will have to play with it, someother netpro's might have done this before....or you could see if there is a way to do it from the asdm?

HTH>

New Member

Re: VPN Connections

I'd be interested in knowing a solution to this too if anyone else has any ideas?

(Have tried the suggestion above but it doesn't seem to be doing it for me although hopefully its along the right lines and maybe just some further tweaking is required?)

Thanks!

191
Views
0
Helpful
7
Replies
CreatePlease to create content