cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
122
Views
0
Helpful
2
Replies
Beginner

Cisco AnyConnect - syslog

I am using the Cisco AnyConnect client communicating to a Cisco ISR4331 device to access the back end LAN infrastructure. I have "logging trap" enabled but I'm not able to log users connecting with AnyConnect. It's not generating syslog messages for AnyConnect users for their particular login id(s). Is there something else that I have to enable to capture syslog messages for users connecting with AnyConnect?

 

GW

2 REPLIES 2
Highlighted
VIP Advocate RJI VIP Advocate
VIP Advocate

Re: Cisco AnyConnect - syslog

Hi, I am using FlexVPN Remote Access VPN on my ISR router using certificate authentication. I have the following logging commands configured:-

 

logging trap debugging
logging facility syslog
logging host 192.168.10.60

 

The following syslog message below is generated, and this is sent to the syslog server.

 

%CRYPTO-5-IKEV2_SESSION_STATUS: Crypto tunnel v2 is UP. Peer x.x.x.x:49663 Id: cn=username,cn=Users,dc=lab,dc=local

 

 HTH

Beginner

Re: Cisco AnyConnect - syslog

Here is what I see in the syslog when I entered "logging trap debugging" and "logging facility syslog"

I don't see the cn=username. The id is the  identity remote key-id

 

  • Aug 15 12:22:05.734 EDT: %CRYPTO-5-IKEV2_SESSION_STATUS: Crypto tunnel v2 is UP. Peer 192.168.10.1:57671 Id: xxxxxxx
  •  
    Aug 15 12:22:06 ROUTER 451: Aug 15 12:22:05.744 EDT: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed state to up