08-30-2007 06:17 PM - edited 03-11-2019 04:04 AM
Is there a way to get a PIX to log what vpngroup is used when creating a VPN connection? Syslog is recording PIX-4-602301 when the SA is created but it doesn't say which group was used. I could even get what I needed if I knew what IP address the PIX issued. I changed the logging level to informational and while I get more information it's still not what I need. Thanks.
09-05-2007 01:57 PM
show vpngroup [group_name] helps you find the group name on the PIX.
09-06-2007 06:31 AM
I know what my vpngroup names are, I want them to be recorded in syslog messages.
Here is an example
%PIX-4-602301: sa created, (sa) sa_dest= 12.227.x.x, sa_prot= 50, sa_spi= 0x9133272c(2436048684), sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 17
I know that is me connecting to the PIX, but only because I know that is my address. If I didn't know whose address (12.227.x.x) belonged to, I would have no way to find out which vpngroup was used. I am looking for a way to say 'vendor x logged into the VPN at date/time and was on for y minutes'. All I have now is that someone logged in at date/time and connected for y minutes, but I don't which vendor it was.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: