Syslog would certainly do it. You would then have to filter your syslog on the event, but it's do-able (and cheap). I would assume that Cisco Security Manager could do it, but that might be too expensive for your environment.
I'm assuming you are running ezvpn on the router. If that's the case, you could probably use the "crypto logging ezvpn group" command to log user sessions. If you are also using an external AAA server for user authentication, you could also use aaa accounting for this purpose as well.
Thanks guys, I've got logging directed at a syslog server. Wen, you're right, we are using ezvpn, alongside an IPSec VPN for unix clients. I'll give "crypto logging ezvpn group" a shot, is there something similar for the IPSec half?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...