11-14-2013 10:07 PM - edited 03-11-2019 08:05 PM
Hey,
I configured a VPN on an ASA 5510 and I want to check all the logs, with time and date, of the people who connected through the VPN.
Navaz
11-15-2013 12:38 AM
RADIUS accounting for VPN is the best way to achieve those.
11-16-2013 10:52 PM
Can you send me the configuration?
Navaz
11-17-2013 12:56 AM
This can be done using both RADIUS and TACACS+. The link below has a configuration example. Keep in mind that this requires an Access Control Server (ACS).
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b04552.shtml
If you don't have a RADIUS or TACACS+ server, then you can send these logs to a syslog server using the logging list command:
hostname(config)# logging enable
hostname(config)# logging timestamp
hostname(config)# logging list <list_name> level debugging class vpn
hostname(config)# logging trap <list_name>
hostname(config)# logging host inside <syslog_server_ip>
Please rate all helpful posts.
11-17-2013 02:50 AM
Listen,
I have a 5510 ASA and the VPN is configured on it. I want the daily logs of who connected to the ASA through VPN.
Thanks and regards
Navaz
11-17-2013 03:06 AM
As far as I know, a summarization of the connected users to be sent to a syslog server or TACACS+ or RADIUS server cannot be done.
--
Please rate all helpful posts.
11-17-2013 03:05 AM
Here is my asa configuration
ASA(config)# sh running-config
: Saved
:
ASA Version 8.0(2)
!
hostname ASA
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/5
 shutdown
 no nameif
 no security-level
 no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list 101 extended permit ip any any
pager lines 24
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 10.1.1.30
nat (inside) 1 192.168.1.0 255.255.255.0
static (outside,inside) 10.1.1.30 10.1.1.2 netmask 255.255.255.255
access-group 101 in interface outside
access-group 101 in interface inside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
!
!
prompt hostname context
Cryptochecksum:a910fcee5200493f2ed21db7bd2f82d6
: end
ASA(config)#
and the diagram
Navaz
11-19-2013 10:39 AM
Have you removed some of the configuration? There are no logging configurations.
I have provided the configurations for sending syslog messages to a syslog server in one of the above posts.
But as I mentioned, having a summarization of the leased IPs cannot be done. You can however view this by using the commands
show dhcpd binding
show dhcpd statistics
11-19-2013 03:19 PM
config terminal
logging enable
logging timestamp
logging class auth console debugging
logging class webvpn console debugging
logging class ssl console debugging
logging class svc console debugging
logging class vpnc console debugging
For WebVPN
For remote access activity, class webvpn is what you want. Specifically, message 716001 is for logon events, and 716002 is for logoff events.
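Added example, not part of the original thread: a Python sketch that turns the 716001 (logon) and 716002 (logoff) messages mentioned above into a per-day list of VPN connections with times and session durations. The sample lines are constructed, and the line layout (a `logging timestamp` prefix followed by `%ASA-<severity>-<id>`) is an assumption about what your syslog server stores.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines. Assumed layout: "logging timestamp" prefix,
# then %ASA-<severity>-<id>; adjust LINE_RE if your collector differs.
SAMPLE_LOG = """\
Nov 19 2013 08:02:11: %ASA-6-716001: Group <DfltGrpPolicy> User <alice> IP <203.0.113.10> WebVPN session started.
Nov 19 2013 08:15:40: %ASA-6-716001: Group <DfltGrpPolicy> User <bob> IP <198.51.100.7> WebVPN session started.
Nov 19 2013 09:30:05: %ASA-6-716002: Group <DfltGrpPolicy> User <alice> IP <203.0.113.10> WebVPN session terminated: User requested.
Nov 19 2013 09:31:00: %ASA-6-302013: Built inbound TCP connection 17 for outside:203.0.113.10/50000 to inside:192.168.1.5/443
Nov 20 2013 07:59:59: %ASA-6-716001: Group <DfltGrpPolicy> User <alice> IP <203.0.113.10> WebVPN session started.
"""

LINE_RE = re.compile(
    r"^(?:<\d+>)?(?P<ts>\w{3}\s+\d{1,2} \d{4} \d{2}:\d{2}:\d{2}): "
    r"%ASA-\d-(?P<id>71600[12]): Group <?(?P<group>[^>\s]+)>? "
    r"User <?(?P<user>[^>\s]+)>? IP <?(?P<ip>[^>\s]+)>? WebVPN session")

def parse_events(text):
    """Yield (datetime, 'logon'|'logoff', user, ip) for 716001/716002 lines."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # every other message ID is ignored
        when = datetime.strptime(m["ts"], "%b %d %Y %H:%M:%S")
        kind = "logon" if m["id"] == "716001" else "logoff"
        yield when, kind, m["user"], m["ip"]

def daily_report(text):
    """Group events per calendar day and pair each logoff with its open logon."""
    report = defaultdict(list)
    open_sessions = {}  # (user, ip) -> logon time
    for when, kind, user, ip in sorted(parse_events(text)):
        duration = None
        if kind == "logon":
            open_sessions[(user, ip)] = when
        else:
            start = open_sessions.pop((user, ip), None)
            duration = (when - start) if start else None  # logon may predate the log
        report[when.date().isoformat()].append((when.strftime("%H:%M:%S"), kind, user, ip, duration))
    return dict(report), sorted(open_sessions)

if __name__ == "__main__":
    days, still_open = daily_report(SAMPLE_LOG)
    for day, events in days.items():
        for t, kind, user, ip, dur in events:
            print(day, t, kind, user, ip, dur or "")
    print("still connected:", still_open)
```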
11-20-2013 09:28 PM
I can't understand. I want to configure through ASDM.
Navaz
11-21-2013 12:12 AM
Here is a guide on how to configure it in the ASDM, but in step 3 choose Flash instead of the FTP option.
--
Please rate all helpful posts