04-12-2024 02:53 PM
I'm trying to figure out how to display user authentication attempts for VPN success/failures. I can see successful logins but not sure where to go to show failed login attempts. I have configured a Flexconfig Object to not hide username. Just trying to figure out how to show that in Secure FMC.
Thanks,
David
Accepted Solutions
04-12-2024 08:13 PM
See the VPN Troubleshooting section (under the Device menu). You can filter there to show only failed attempts if so desired.
04-12-2024 03:19 PM
Try this way
Check message ID (failed auth) and add it to event list
MHM
04-13-2024 07:08 PM
Thanks, that works! It would be nice to add this to a dashboard.
04-14-2024 12:19 AM
Solved: Authentication Attempts Logs On FTD FirePOWER 2130 or FTD Cisco ISA 3000 - Cisco Community
Did you ever try my suggestion?
MHM
04-15-2024 06:43 AM
I wasn't sure where in FMC to search.
04-14-2024 05:04 AM
@davparker I'm not sure how to build a dashboard for it, but it's relatively easy to make a report. When you have the troubleshooting page open, just click on reporting and customize it to suit. Here is a filter for rejected users:
You can generate that on-demand or schedule it to run daily etc. and optionally email it to you. Here's an example of what the report PDF looks like (device name redacted):
