04-07-2024 01:56 AM - edited 04-07-2024 01:57 AM
Hi,
I try to find some Information of Remote Access or Mail ingress/egress activities on an FTD 3110 Tech support file or the Device it self.
I don't have any access to the FMC.
Solved! Go to Solution.
04-09-2024 06:11 AM
Thanks for the feedback, unfortunately I already suspected this.
We are currently trying to restore the FMC data.
But this may take a few more weeks.
04-08-2024 12:31 AM
you want FTD always debug the connect from Anyconnect ?
MHM
04-08-2024 05:45 AM
hi,
my question is whether there is a possibility to extract connection information from the TechSupport file of an FTD afterwards, which provides information about malicious network activities to a device in the local network.
For example, I am looking for successful RA VPN dial-ins by users or access to certain ports.
04-08-2024 05:55 AM
Most historical logs (including the type you are asking about) are streamed to the managing FMC in near real time and then deleted on the local device.
04-09-2024 06:11 AM
Thanks for the feedback, unfortunately I already suspected this.
We are currently trying to restore the FMC data.
But this may take a few more weeks.
04-09-2024 06:27 AM
Did you check
Show vpn sessiondb anyconnect detail
This can access from cli of ftd' it give you breif which user connect to your FTD know
MHM
04-09-2024 08:06 AM - edited 04-09-2024 08:06 AM
The command "Show vpn sessiondb anyconnect detail" will only show current connections with details (such as username, user IP real address, assigned VPN address, connection profile, tunnel-group, duration etc.).
It will not show details of any previous sessions.
04-10-2024 11:20 PM
Thanks, but even FMC don't keep this info for long time (without external syslog).
If user access via ssl vpn to ftd and it idle timeout is not end he can see it details via show vpn sessiondb.
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide