12-18-2024 04:14 AM
Hi All
I have recently moved from an ASA to an FTD, using CDO.
I am having trouble with some remote VPN settings and I want to check the logs, the same as I used to do on the ASDM logs on the ASA.
Where is this functionality on the FTD? I cannot find anything.
I have set up syslog and am sending all logs to it, but nothing from the VPN comes through. Surely there must be a way?
12-18-2024 04:16 AM
Are you using cdFMC? Or FDM managed by CDO? Do you have a cloud logging license, or are you just using the syslog functionality? RAVPN events are certainly sent via syslog. I would review your syslog collector.
12-18-2024 04:44 AM
Hi, I am using cdFMC. How do I know if we have the cloud logging licence? I think we are currently on the trial licence; will no logs show with this?
The syslog is receiving some things from the firewall, just not VPN connection info.
Is it possible to check the logs or debug the VPN connection locally on the FTD? If so, how is that done?
12-18-2024 05:01 AM - edited 12-18-2024 05:06 AM
Correct, cdFMC includes zero logging without a SAL license.
https://www.cisco.com/c/en/us/products/collateral/security/secure-firewall/guide-c07-737902.html
https://secure.cisco.com/secure-firewall/docs/cloud-delivered-firewall-management-center
https://www.cisco.com/c/en/us/products/security/security-analytics-logging/index.html
12-18-2024 08:39 AM
Plus you are only logging level 1 (Alerts). Most interesting VPN troubleshooting messages are seen via the VPN logs preset (which references an event list) at the notifications or informational level.