
Cisco ASA webvpn - ACL logging

Hi,

I'm trying to configure my Cisco ASA 5520 so that clientless webvpn connections get logged. My ACEs get hit but no log entry is created:

access-list SSLVPN_Personal; 2 elements
access-list SSLVPN_Personal line 1 webtype permit url https://*.XYZ.ABC.de log alerts interval 1 (hitcnt=41)

How can I audit what the webvpn users are doing?

Accepted Solutions
Cisco Employee

Look at syslogs 716003 and 716004 http://www.cisco.com/en/US/partner/docs/security/asa/asa83/system/message/logmsgs.html#wp4776945

716003

Error Message    %ASA-6-716003: Group group User user IP ip WebVPN access "GRANTED: url"

Explanation   The WebVPN user in this group at the specified IP address has been granted access to this URL. The user access to various locations can be controlled using WebVPN-specific ACLs.

Recommended Action   None required.

716004

Error Message    %ASA-6-716004: Group group User user WebVPN access DENIED to specified location: url

Explanation   The WebVPN user in this group has been denied access to this URL. The WebVPN user access to various locations can be controlled using WebVPN-specific ACLs. In this case, a particular entry is denying access to this URL.

Recommended Action   None required.


2 REPLIES 2
Thank you!

I configured the following:

logging class webvpn trap informational

and now I get exactly what I wanted
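To turn the 716003/716004 messages from the accepted answer into a per-user audit trail, here is an added Python example (not part of the thread and not Cisco's code) that parses them. The sample lines, host name, group name, users and URLs are constructed; the optional `<...>` around field values, the optional quotes and the optional IP field in 716004 are assumptions about how a device renders the templates.

```python
import re
from collections import defaultdict

# Patterns follow the 716003/716004 templates quoted in the accepted answer.
# Assumption: values may be wrapped in <...>, the GRANTED text may be quoted,
# and 716004 may or may not carry an IP field.
_FIELD = r"<?(?P<{0}>[^<>\s]+)>?"
PATTERNS = {
    "716003": re.compile(
        r"%ASA-6-716003: Group " + _FIELD.format("group")
        + r" User " + _FIELD.format("user")
        + r" IP " + _FIELD.format("ip")
        + r' WebVPN access "?GRANTED: (?P<url>[^"\s]+)"?'),
    "716004": re.compile(
        r"%ASA-6-716004: Group " + _FIELD.format("group")
        + r" User " + _FIELD.format("user")
        + r"(?: IP " + _FIELD.format("ip") + r")?"
        + r" WebVPN access DENIED to specified location: (?P<url>\S+)"),
}

def parse_line(line):
    """Return a dict for a 716003/716004 line, or None for anything else."""
    for msg_id, pattern in PATTERNS.items():
        match = pattern.search(line)
        if match:
            event = match.groupdict()
            event["action"] = "granted" if msg_id == "716003" else "denied"
            return event
    return None

def audit(lines):
    """Group URLs by user: {user: {"granted": [...], "denied": [...]}}."""
    report = defaultdict(lambda: {"granted": [], "denied": []})
    for line in lines:
        event = parse_line(line)
        if event:
            report[event["user"]][event["action"]].append(event["url"])
    return dict(report)

# Constructed sample syslog lines (not captured from a real device).
SAMPLE = [
    'Jan 10 09:15:01 asa1 %ASA-6-716003: Group <WebUsers> User <alice> IP <192.0.2.10> WebVPN access "GRANTED: https://intranet.example.test/wiki"',
    'Jan 10 09:15:07 asa1 %ASA-6-716004: Group <WebUsers> User <alice> WebVPN access DENIED to specified location: https://files.example.test/hr',
    'Jan 10 09:16:30 asa1 %ASA-6-716003: Group WebUsers User bob IP 192.0.2.22 WebVPN access GRANTED: https://intranet.example.test/',
    'Jan 10 09:16:31 asa1 unrelated constructed message that must be ignored',
]

if __name__ == "__main__":
    for user, urls in audit(SAMPLE).items():
        print(user, urls)
```

Both messages are severity 6 (informational), which is why they only reach the syslog server once the webvpn class is logged at the informational level, as in the final reply.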
