05-19-2011 07:26 AM
Hi,
I'm trying configure my cisco asa 5520 that clientless webvpn connections get logged. My ACEs get hit but no logentry is created:
access-list SSLVPN_Personal; 2 elements
access-list SSLVPN_Personal line 1 webtype permit url https://*.XYZ.ABC.de log alerts interval 1 (hitcnt=41)
How can I audit what the webvpn users are doing?
Solved! Go to Solution.
05-19-2011 12:44 PM
Look at syslogs 716003 and 716004 http://www.cisco.com/en/US/partner/docs/security/asa/asa83/system/message/logmsgs.html#wp4776945
Error Message %ASA-6-716003: Group group User user IP ip WebVPN access "GRANTED: url"
Explanation The WebVPN user in this group at the specified IP address has been granted access to this URL. The user access to various locations can be controlled using WebVPN-specific ACLs.
Recommended Action None required.
Error Message %ASA-6-716004: Group group User user WebVPN access DENIED to specified location: url
Explanation The WebVPN user in this group has been denied access to this URL. The WebVPN user access to various locations can be controlled using WebVPN-specific ACLs. In this case, a particular entry is denying access to this URL.
Recommended Action None required.
05-19-2011 12:44 PM
Look at syslogs 716003 and 716004 http://www.cisco.com/en/US/partner/docs/security/asa/asa83/system/message/logmsgs.html#wp4776945
Error Message %ASA-6-716003: Group group User user IP ip WebVPN access "GRANTED: url"
Explanation The WebVPN user in this group at the specified IP address has been granted access to this URL. The user access to various locations can be controlled using WebVPN-specific ACLs.
Recommended Action None required.
Error Message %ASA-6-716004: Group group User user WebVPN access DENIED to specified location: url
Explanation The WebVPN user in this group has been denied access to this URL. The WebVPN user access to various locations can be controlled using WebVPN-specific ACLs. In this case, a particular entry is denying access to this URL.
Recommended Action None required.
05-19-2011 01:07 PM
thank you!
If configured the following:
logging class webvpn trap informational
and now I get exactly what I wanted
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide