Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

logging VPN access

I have an ASA5510 configured for remote access VPN (standard and clientless). It uses LDAP to authenticate against domain controllers in my environment.

Is there a way to configure syslog to log user access to the VPN (date & time, etc.), without turning on "logging trap informational" and filling up my syslog server with loads of other information (conduits opening, teardowns, etc.)?

I am syslogging to SolarWinds using udp

  • VPN
1 REPLY

logging VPN access

Hi Colin,

For this, you need to first know what message IDs you want syslog to receive. Say you want to receive the below message id 713059 (tunnel reject -user group-lock check failed) to syslog server...

logging list TEST message 713059

logging list TEST message 713070-713080 --> For range of messages

configure syslog server on ASA and issue the command 'logging trap TEST'.

Check the below link for more info...

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml

hth

MS

236
Views
0
Helpful
1
Replies