https://community.cisco.com/t5/network-security/firewall-syslog/m-p/1350875#M759926 <HTML><HEAD></HEAD><BODY><P>Vinu,</P><P></P><P>The severity level depends on the output log message.</P><P></P><P></P><P></P><PRE><A name="wp3050146"></A><A name="wpxref48625"></A><SPAN class="pEM_ErrMsg"><SPAN class="cBoldNormal">Error Message&nbsp;&nbsp; </SPAN> %ASA-6-716039: Authentication: rejected, group = <EM class="cCi_CmdItalic">name</EM> user = <EM class="cCi_CmdItalic">user</EM>, Session Type: WebVPN </SPAN></PRE><P><A name="wp3050147"></A></P><P class="pEE_ErrExp"><SPAN class="cBoldNormal">Explanation&nbsp;&nbsp; </SPAN> Before a WebVPN session starts, the user must be authenticated successfully by a local or remote server (for example, RADIUS or TACACS+). In this case, the user credentials (user name and password) either did not match or the user does not have permission to start a WebVPN session.</P><P><A name="wp3050148"></A></P><P class="pEA_ErrAct"><SPAN class="cBoldNormal">Recommended Action&nbsp;&nbsp; </SPAN> Verify the user credentials on the local or remote server. Verify that WebVPN is configured for the user.</P><P></P><P>The above is severity 6 and log message number including username affected.</P><P></P><P></P><P>This urls will provide all the info you need</P><P></P><P><A href="http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501">http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501</A>&nbsp;&nbsp;&nbsp;&nbsp; (searcg for vpn will provide you all logs and severity for vpn)</P><P></P><P>Also <A href="http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html">http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html</A></P></BODY></HTML> Fri, 05 Mar 2010 12:48:56 GMT francisco_1 2010-03-05T12:48:56Z https://community.cisco.com/t5/network-security/firewall-syslog/m-p/1350873#M759905 <P>HI,</P><P></P><P>we are using PIx 515E as our firewall in our network</P><P></P><P>In Firewall we configured remote VPN access for users to access from home</P><P></P><P>now we are planning to moniotor who is authenticated on remote VPN through the syslog server</P><P></P><P>which faclilty level will give the information of authenticting remote user details</P><P></P><P>thanks inadvance</P><P>vinu</P> Mon, 11 Mar 2019 17:17:50 GMT https://community.cisco.com/t5/network-security/firewall-syslog/m-p/1350873#M759905 vinoth.kumar 2019-03-11T17:17:50Z https://community.cisco.com/t5/network-security/firewall-syslog/m-p/1350874#M759916 <HTML><HEAD></HEAD><BODY><P>Refer this link:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp5602670">http://www.cisco.com/en/US/docs/security/asa/asa80/system/message/logmsgs.html#wp5602670</A></P><P></P><PRE>109006<BR />113005<BR />113015<BR />113016<BR />113017<BR /></PRE><P></P><P>-KS</P></BODY></HTML> Fri, 05 Mar 2010 12:38:10 GMT https://community.cisco.com/t5/network-security/firewall-syslog/m-p/1350874#M759916 Kureli Sankar 2010-03-05T12:38:10Z https://community.cisco.com/t5/network-security/firewall-syslog/m-p/1350875#M759926 <HTML><HEAD></HEAD><BODY><P>Vinu,</P><P></P><P>The severity level depends on the output log message.</P><P></P><P></P><P></P><PRE><A name="wp3050146"></A><A name="wpxref48625"></A><SPAN class="pEM_ErrMsg"><SPAN class="cBoldNormal">Error Message&nbsp;&nbsp; </SPAN> %ASA-6-716039: Authentication: rejected, group = <EM class="cCi_CmdItalic">name</EM> user = <EM class="cCi_CmdItalic">user</EM>, Session Type: WebVPN </SPAN></PRE><P><A name="wp3050147"></A></P><P class="pEE_ErrExp"><SPAN class="cBoldNormal">Explanation&nbsp;&nbsp; </SPAN> Before a WebVPN session starts, the user must be authenticated successfully by a local or remote server (for example, RADIUS or TACACS+). In this case, the user credentials (user name and password) either did not match or the user does not have permission to start a WebVPN session.</P><P><A name="wp3050148"></A></P><P class="pEA_ErrAct"><SPAN class="cBoldNormal">Recommended Action&nbsp;&nbsp; </SPAN> Verify the user credentials on the local or remote server. Verify that WebVPN is configured for the user.</P><P></P><P>The above is severity 6 and log message number including username affected.</P><P></P><P></P><P>This urls will provide all the info you need</P><P></P><P><A href="http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501">http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wpxref66501</A>&nbsp;&nbsp;&nbsp;&nbsp; (searcg for vpn will provide you all logs and severity for vpn)</P><P></P><P>Also <A href="http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html">http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logsev.html</A></P></BODY></HTML> Fri, 05 Mar 2010 12:48:56 GMT https://community.cisco.com/t5/network-security/firewall-syslog/m-p/1350875#M759926 francisco_1 2010-03-05T12:48:56Z