logging VPN access

Colin Higgins
Level 2

I have an ASA5510 configured for remote access VPN (standard and clientless). It uses LDAP to authenticate against domain controllers in my environment.

Is there a way to configure syslog to log user access to the VPN (date & time, etc.), without turning on "logging trap informational" and filling up my syslog server with loads of other information (conduits opening, teardowns, etc.)?

I am syslogging to SolarWinds using UDP.


mvsheik123
Level 7

Hi Colin,

For this, you first need to know which message IDs you want syslog to receive. Say you want to send the message ID below, 713059 (tunnel reject - user group-lock check failed), to the syslog server...

logging list TEST message 713059

logging list TEST message 713070-713080 --> For range of messages

Configure the syslog server on the ASA and issue the command 'logging trap TEST'.

Check the below link for more info...

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml

hth

MS
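
Added example, not part of the original thread and not Cisco code: a Python script that applies the same 'logging list ... message' ID selection to log lines on the syslog server side and extracts the timestamp and user, so you can check what a list would forward before issuing 'logging trap'. The list name VPN-ACCESS, the IDs in it other than 713059, and the log lines are assumptions constructed for illustration; confirm each ID against the syslog message guide for your ASA release.

```python
import re

# ASA message tag, e.g. "%ASA-6-716001:" (severity digit, then six-digit message ID).
ASA_TAG = re.compile(r"%ASA-(\d)-(\d{6}):\s*(.*)")
# The user appears as "Username = name," or "User <name>" depending on the message.
USER = re.compile(r"(?:Username = |User <)([^,>\s]+)")

# Hypothetical list (assumption); verify the IDs for your ASA release.
SAMPLE_CONFIG = """\
logging list VPN-ACCESS message 113019
logging list VPN-ACCESS message 716001-716002
logging list VPN-ACCESS message 713059
"""

# Constructed log lines, not captured from a real device.
SAMPLE_LOG = [
    "Mar 03 2011 09:14:02: %ASA-6-716001: Group <DfltGrpPolicy> User <jdoe> IP <203.0.113.10> WebVPN session started.",
    "Mar 03 2011 09:14:05: %ASA-6-302013: Built inbound TCP connection 4021 for outside:203.0.113.10/51514 (203.0.113.10/51514) to inside:10.0.0.5/443 (10.0.0.5/443)",
    "Mar 03 2011 09:40:11: %ASA-6-302014: Teardown TCP connection 4021 for outside:203.0.113.10/51514 to inside:10.0.0.5/443 duration 0:26:06 bytes 88213 TCP FINs",
    "Mar 03 2011 09:41:30: %ASA-6-716002: Group <DfltGrpPolicy> User <jdoe> IP <203.0.113.10> WebVPN session terminated: User Requested.",
    "Mar 03 2011 10:02:47: %ASA-4-113019: Group = RA-VPN, Username = asmith, IP = 198.51.100.7, Session disconnected. Session Type: IPsec, Duration: 0h:12m:03s, Bytes xmt: 40112, Bytes rcv: 9120, Reason: User Requested",
]

def parse_logging_list(config, name):
    """Collect (start, end) ID ranges from 'logging list NAME message ID[-ID]' lines."""
    ranges = []
    for line in config.splitlines():
        parts = line.split()
        if len(parts) >= 5 and parts[:3] == ["logging", "list", name] and parts[3] == "message":
            start, _, end = parts[4].partition("-")
            ranges.append((int(start), int(end or start)))
    return ranges

def filter_events(lines, ranges):
    """Return (timestamp, msg_id, user, text) for each line the list would forward."""
    events = []
    for line in lines:
        m = ASA_TAG.search(line)
        if not m:
            continue  # not an ASA syslog line
        msg_id = int(m.group(2))
        if any(lo <= msg_id <= hi for lo, hi in ranges):
            u = USER.search(m.group(3))
            events.append((line[:m.start()].strip(" :"), msg_id, u.group(1) if u else None, m.group(3)))
    return events

if __name__ == "__main__":
    for ev in filter_events(SAMPLE_LOG, parse_logging_list(SAMPLE_CONFIG, "VPN-ACCESS")):
        print(ev[:3])
```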
