Make sure that the ASA is configured at informational level logging.
The keyword field can be used when making a new rule that looks for text within an event. For example, to make a rule that looks for the start of a WebVPN session, click on the keyword cell in the new rule, and enter the %ASA-6-716001 string.
To save the change, click the Activate button on the top right of the MARS Graphical User Interface (GUI).
These are the syslog messages to identify when a Secured Sockets Layer (SSL) VPN connection is established or terminated on the MARS device:
%ASA-6-716001: Group group User user WebVPN session started
%ASA-6-716002: Group group User user WebVPN session terminated:
Hello Everyone, I need some guidance on how to replace a failed Firepower Appliance. There is ton's of information on cisco.com for this but none of them provides a step by step procedure as we generally would find in the case of routers/switches etc...
a customer is working with a ASA (rel. 9.8(4)39 and AnyConnect 4.5.
They have many LOCAL users and several AnyConnect profiles with Group URLs.At the moment every LOCAL user can use different Group URLs for login
we facing problem that sometimes our customers blocking traffic from IP ranges based on geolocation. Mostly we see this in USA where they are paranoid and blocking everything including Europe for SMTP traffic. So we are unable to send them emai...
Hi I am recently moving to SD Access and would like to use UDP director as the flow destination to push to switches as the flow destination, In my old network, I was using 2 flow collectors as flow destination which will then forward to UD...
Hi All ,
We have following setup of ISE for our customer
DC - 1 PAN + MnT ( Administration, Monitoring) and 2 PSN (Policy Service) (Total 3 node)
DR - 1 PAN + MnT ( Administration, Monitoring) and 2 PSN (Policy Service) (Total 3 node)
Our DC node (P...