Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Logs

Hi

I wanted to know is there a way through ASDM to look at if a user was connected to the network over the weekend and if so for how long.

Thanks in advance and have a great day.

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: VPN Logs

You can enable logging in ASDM under 'Monitoring' with a severity of 4 or higher and you should see some syslog messages:

4|Aug 23 2010|14:28:33|113019|||||Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested

On the CLI:

'show log | i ASA-4-113019'

%ASA-4-113019: Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested

CLI command would be:

'logging enable'

'logging asdm informational' (for ASDM)

'logging buffered informational' (for CLI buffer logging)

3 REPLIES
Cisco Employee

Re: VPN Logs

Hello,

You could look at the buffer config you have and see if you have logs stored, internal buffer can only store upto 1MB but by default it is 4KB unless you change it. Depending on the chattiness of your device i would say the old logs are probably gone. So to answer your question it is not possible to look at this info. if you have a external syslog server like MARS then you could probably get this info.

hope this helps.

Thanks,

--Sunil

New Member

Re: VPN Logs

Thanks

New Member

Re: VPN Logs

You can enable logging in ASDM under 'Monitoring' with a severity of 4 or higher and you should see some syslog messages:

4|Aug 23 2010|14:28:33|113019|||||Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested

On the CLI:

'show log | i ASA-4-113019'

%ASA-4-113019: Group = IPSEC-RA, Username = ipsec-ra, IP = x.x.x.x, Session disconnected. Session Type: IPsec, Duration: 0h:01m:46s, Bytes xmt: 540, Bytes rcv: 576, Reason: User Requested

CLI command would be:

'logging enable'

'logging asdm informational' (for ASDM)

'logging buffered informational' (for CLI buffer logging)

391
Views
0
Helpful
3
Replies