cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
613
Views
0
Helpful
3
Replies

ASA network access authentication log

jackson.ku
Level 3
Level 3

Hi,

We hope to enable network access authentication on my ASA firewall to allow user access to Internet after authentication. Can ASA provide either the network access log with user information or user-IP mapping information?

Best Regards,

Jackson    

3 Replies 3

kenrandrews
Level 1
Level 1

When I was logging VPN access on an ASA I used a syslog server. I can't remember exactly what information it showed, but I know the ASA shows the IP address assigned to the user when they log into the VPN. Is that what you are looking for or do you want to have people authenticate a second time to be able to access the internet after authenticating to the VPN?

Hi,

We hope intranet user must authenticate before access to Internet, and keep network access log for intranet user with userid information, not only IP address.

Best Regards,

Jackson

Unfortunately I don't think this is possible, but I could be wrong. The only thing that I could think of doing is setting up a web proxy and using the ASA to point VPN users to that. Then you could require login and get detailed reports on each users, which something I am almost certain you will not get out of the ASA. Some open source ones to look into are Squid and Untangle. I personally have used Untangle before and it is not bad for free software, but I have not used it as a proxy or to require a login so I can't be much more help. Good luck finding a solution that works for you and if you find something that works on the ASA I would be interested in knowing what it was.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: