Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1559
Views
0
Helpful
4
Replies

Cisco Firepower How to check who logged into VPN history?

tripline
Level 1
Level 1

‎10-22-2021 06:53 AM

show vpn-sessiondb index shows who logged in currently.

Is there a way to show users who logged in yesterday or last week?

Labels:
0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-25-2021 09:27 PM

Not easily - unless you send the syslog events to an external syslog server and use if to analyze the data.

If you are using FMC you will see some events under the Device Management (VPN) Troubleshooting menu.

0 Helpful

keithcclark71
Level 3
Level 3
In response to Marvin Rhoads

‎10-27-2021 03:40 AM - edited ‎10-27-2021 03:42 AM

If your Username/ IP mapping is in place then one could simply filter events based on defined VPN subnet. I use certificate based yubikey smart cards with touch to establish the VPN and SBL and still can see user/IP mapping VPN history.

0 Helpful

tripline
Level 1
Level 1
In response to Marvin Rhoads

‎10-28-2021 07:33 AM

So sounds like there's nothing I can do from the CLI

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to tripline

‎10-28-2021 06:32 PM

@tripline - the only thing to show historical VPN usage from the cli would be to show log messages of the type related to VPN logon/logoff events. Assuming you are sending logs to the device buffer and that they haven't aged out due to limited local buffer storage space.

0 Helpful
Customers Also Viewed These Support Documents