VPN Reporting and Internet Access via Central Site Office through L2TP

s-cerman · ‎06-19-2002

Hi all

I configured VPN access via PIX with token authentication (Cryptocard) .My customer want to create of reports of connection durations of VPN users

and also want to see which users connected.

Token software doesnt have such as reporting capabilities.Is it possible to get reports from PIX by syslog or third party reporting solutions.

And also my customer want to give access to VPN users to Internet.They uses LT2P from a ISP.

I use VPN Client 3000 Version 3.5.2

I used following configuration sample http://www.cisco.com/warp/public/110/pix3000.html

and i used an different local pool than PIX inside network segment but when VPN connection established internet access via PIX is not available.

But they can access to PIX's inside network without problem..

PIX version is 6.2(1)

Any experience ?

Regards..

cjacinto · ‎06-22-2002

VPN user accounting on the PIX is still an enhancement request. You could do some form of accounting but only for tcp based vpn session, you would need to use radius for xauth which could backend to cryptocard (I have not tested challenge-response mode though), if it a challenge mode only it should be ok.

As access to the internet thru the vpn. If the Pix i terminating the tunnel on the outside interface (same internet interface they want going to the net), then this would not work, as per design PIX won't redirect packets received from the same interface.